ReportizFlow
Filtered by vendor E-plugins
Subscriptions
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64243 | 2 E-plugins, Wordpress | 2 Directory Pro, Wordpress | 2026-04-24 | 4.3 Medium |
| Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through <= 2.5.6. | ||||
| CVE-2025-13504 | 2 E-plugins, Wordpress | 2 Real Estate Pro, Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Real Estate Pro real-estate-pro allows Reflected XSS.This issue affects Real Estate Pro: from n/a through <= 2.1.4. | ||||
| CVE-2025-68057 | 2 E-plugins, Wordpress | 2 Hospital & Doctor Directory, Wordpress | 2026-04-24 | 7.6 High |
| Missing Authorization vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hospital Doctor Directory: from n/a through <= 1.3.9. | ||||
| CVE-2025-68058 | 2 E-plugins, Wordpress | 2 Institutions Directory, Wordpress | 2026-04-24 | 7.6 High |
| Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Institutions Directory: from n/a through <= 1.3..4. | ||||
| CVE-2025-57948 | 2 E-plugins, Wordpress | 2 Directory Pro, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Directory Pro directory-pro allows DOM-Based XSS.This issue affects Directory Pro: from n/a through <= 2.5.5. | ||||
| CVE-2025-54717 | 2 E-plugins, Wordpress | 2 Wp Membership, Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in e-plugins WP Membership wp-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Membership: from n/a through <= 1.6.3. | ||||
| CVE-2026-28127 | 2 E-plugins, Wordpress | 2 Lawyer Directory, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Lawyer Directory lawyer-directory allows Reflected XSS.This issue affects Lawyer Directory: from n/a through <= 1.3.2. | ||||
| CVE-2026-27396 | 2 E-plugins, Wordpress | 2 Directory Pro, Wordpress | 2026-04-23 | 7.3 High |
| Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through <= 2.5.6. | ||||
| CVE-2025-69181 | 2 E-plugins, Wordpress | 2 Lawyer Directory, Wordpress | 2026-04-15 | 7.3 High |
| Missing Authorization vulnerability in e-plugins Lawyer Directory lawyer-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lawyer Directory: from n/a through <= 1.3.4. | ||||
| CVE-2025-69188 | 2 E-plugins, Wordpress | 2 Fitness Trainer, Wordpress | 2026-04-15 | 7.3 High |
| Missing Authorization vulnerability in e-plugins fitness-trainer fitness-trainer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects fitness-trainer: from n/a through <= 1.7.1. | ||||
| CVE-2025-52748 | 2 E-plugins, Wordpress | 2 Directory Pro, Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Directory Pro directory-pro allows Reflected XSS.This issue affects Directory Pro: from n/a through <= 2.5.5. | ||||
| CVE-2025-69184 | 2 E-plugins, Wordpress | 2 Institutions Directory, Wordpress | 2026-04-15 | 7.3 High |
| Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Institutions Directory: from n/a through <= 1.3.4. | ||||
| CVE-2024-10547 | 1 E-plugins | 1 Wp Membership | 2026-04-15 | 9.8 Critical |
| The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the user_profile_image_upload() function in all versions up to, and including, 1.6.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. | ||||
| CVE-2025-69292 | 2 E-plugins, Wordpress | 2 Wp Membership, Wordpress | 2026-04-15 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through <= 1.6.4. | ||||
| CVE-2025-69192 | 2 E-plugins, Wordpress | 2 Real Estate Pro, Wordpress | 2026-04-15 | 7.3 High |
| Missing Authorization vulnerability in e-plugins Real Estate Pro real-estate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real Estate Pro: from n/a through <= 2.1.5. | ||||
| CVE-2025-69186 | 2 E-plugins, Wordpress | 2 Hospital & Doctor Directory, Wordpress | 2026-04-15 | 7.3 High |
| Missing Authorization vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hospital Doctor Directory: from n/a through <= 1.3.9. | ||||
| CVE-2025-69183 | 2 E-plugins, Wordpress | 2 Hospital & Doctor Directory, Wordpress | 2026-04-15 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Privilege Escalation.This issue affects Hospital Doctor Directory: from n/a through <= 1.3.9. | ||||
| CVE-2025-69182 | 2 E-plugins, Wordpress | 2 Institutions Directory, Wordpress | 2026-04-15 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in e-plugins Institutions Directory institutions-directory allows Privilege Escalation.This issue affects Institutions Directory: from n/a through <= 1.3.4. | ||||
| CVE-2025-69293 | 2 E-plugins, Wordpress | 2 Final User, Wordpress | 2026-04-15 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation.This issue affects Final User: from n/a through <= 1.2.5. | ||||
| CVE-2025-69187 | 2 E-plugins, Wordpress | 2 Final User, Wordpress | 2026-04-15 | 7.3 High |
| Missing Authorization vulnerability in e-plugins Final User final-user allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Final User: from n/a through <= 1.2.5. | ||||