CVEs and Security Vulnerabilities CVEs and Security Vulnerabilities

Filtered by vendor Metagauss Subscriptions

Total 136 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-23976	1 Metagauss	1 Registrationmagic	2026-04-28	7.5 High
Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.1.9.2.
CVE-2022-41791	1 Metagauss	1 Profilegrid	2026-04-28	6.8 Medium
Auth. (subscriber+) CSV Injection vulnerability in ProfileGrid plugin <= 5.1.6 on WordPress.
CVE-2022-36352	1 Metagauss	1 Profilegrid	2026-04-28	6.3 Medium
Missing Authorization vulnerability in Profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.0.3.
CVE-2025-63006	2 Metagauss, Wordpress	2 Eventprime, Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through <= 4.2.4.1.
CVE-2025-63007	2 Metagauss, Wordpress	2 Eventprime, Wordpress	2026-04-24	4.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Retrieve Embedded Sensitive Data.This issue affects EventPrime: from n/a through <= 4.2.4.1.
CVE-2026-24374	2 Metagauss, Wordpress	2 Registrationmagic, Wordpress	2026-04-24	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Cross Site Request Forgery.This issue affects RegistrationMagic: from n/a through <= 6.0.6.9.
CVE-2026-24380	2 Metagauss, Wordpress	2 Eventprime, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through <= 4.2.8.0.
CVE-2026-32498	2 Metagauss, Wordpress	2 Registrationmagic, Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through <= 6.0.7.6.
CVE-2026-25417	2 Metagauss, Wordpress	2 Profilegrid, Wordpress	2026-04-24	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Stored XSS.This issue affects ProfileGrid : from n/a through <= 5.9.8.1.
CVE-2026-24378	2 Metagauss, Wordpress	2 Eventprime, Wordpress	2026-04-24	9.8 Critical
Deserialization of Untrusted Data vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Object Injection.This issue affects EventPrime: from n/a through <= 4.2.8.0.
CVE-2026-24373	2 Metagauss, Wordpress	2 Registrationmagic, Wordpress	2026-04-24	8.1 High
Incorrect Privilege Assignment vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Privilege Escalation.This issue affects RegistrationMagic: from n/a through <= 6.0.7.1.
CVE-2025-69358	2 Metagauss, Wordpress	2 Eventprime, Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through <= 4.2.6.0.
CVE-2025-4957	2 Metagauss, Wordpress	2 Profilegrid, Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Reflected XSS.This issue affects ProfileGrid : from n/a through <= 5.9.5.7.
CVE-2025-49876	2 Metagauss, Wordpress	2 Profilegrid, Wordpress	2026-04-23	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows SQL Injection.This issue affects ProfileGrid : from n/a through <= 5.9.5.2.
CVE-2025-49033	2 Metagauss, Wordpress	2 Profilegrid, Wordpress	2026-04-23	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Blind SQL Injection.This issue affects ProfileGrid : from n/a through <= 5.9.5.3.
CVE-2025-48079	1 Metagauss	1 Profilegrid	2026-04-23	4.3 Medium
Missing Authorization vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfileGrid : from n/a through <= 5.9.5.1.
CVE-2025-47478	1 Metagauss	1 Profilegrid	2026-04-23	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows SQL Injection.This issue affects ProfileGrid : from n/a through <= 5.9.5.0.
CVE-2025-39586	1 Metagauss	1 Profilegrid	2026-04-23	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows SQL Injection.This issue affects ProfileGrid : from n/a through <= 5.9.4.8.
CVE-2025-26999	1 Metagauss	1 Profilegrid	2026-04-23	8.8 High
Deserialization of Untrusted Data vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Object Injection.This issue affects ProfileGrid : from n/a through <= 5.9.4.3.
CVE-2025-24686	1 Metagauss	1 Registrationmagic	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Reflected XSS.This issue affects RegistrationMagic: from n/a through <= 6.0.3.3.

« first previous Page 2 of 7. next last »