diff --git a/internal/data/assets/plugin_736d6172742d666f726d73811c9dc5_gen.json b/internal/data/assets/plugin_736d6172742d666f726d73811c9dc5_gen.json index a6cdddf9..83e394cc 100644 --- a/internal/data/assets/plugin_736d6172742d666f726d73811c9dc5_gen.json +++ b/internal/data/assets/plugin_736d6172742d666f726d73811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/29c762c7-7bb9-42bc-9e22-0f4da2a5c59b/smart-forms","title":"Smart Forms <= 2.6.86 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"29c762c7-7bb9-42bc-9e22-0f4da2a5c59b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/29c762c7-7bb9-42bc-9e22-0f4da2a5c59b?source=api-prod","cve":"CVE-2023-7203","affectedVersions":"<=2.6.86","severity":"medium"},{"advisoryId":"WPSECADV/WF/34a6d349-dfdc-4301-9380-7fc64c25f043/smart-forms","title":"Smart Forms < 2.6.71 - Missing Authorization to Sensitive Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-02-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"34a6d349-dfdc-4301-9380-7fc64c25f043"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/34a6d349-dfdc-4301-9380-7fc64c25f043?source=api-prod","cve":"CVE-2022-0163","affectedVersions":"<2.6.71","severity":"medium"},{"advisoryId":"WPSECADV/WF/372149c4-b6b4-43c8-896f-af69712f3a82/smart-forms","title":"Smart Forms – when you need more than just a contact form <= 2.9.95 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"372149c4-b6b4-43c8-896f-af69712f3a82"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/372149c4-b6b4-43c8-896f-af69712f3a82?source=api-prod","cve":"CVE-2024-1905","affectedVersions":"<=2.6.95","severity":"medium"},{"advisoryId":"WPSECADV/WF/381ec109-ca51-4011-b7e0-aec636540d59/smart-forms","title":"Smart Forms <= 2.6.99 - Missing Authorization to Authenticated (Subscriber+) Campaign Data Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-13 18:31:39","sources":[{"name":"Wordfence","remoteId":"381ec109-ca51-4011-b7e0-aec636540d59"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/381ec109-ca51-4011-b7e0-aec636540d59?source=api-prod","cve":"CVE-2026-2022","affectedVersions":"<=2.6.99","severity":"medium"},{"advisoryId":"WPSECADV/WF/3ac48cd9-1de5-4840-b3f3-dc24ca52442e/smart-forms","title":"Smart Forms <= 2.6.84 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"3ac48cd9-1de5-4840-b3f3-dc24ca52442e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3ac48cd9-1de5-4840-b3f3-dc24ca52442e?source=api-prod","cve":"CVE-2023-49856","affectedVersions":"<=2.6.84","severity":"high"},{"advisoryId":"WPSECADV/WF/4e6a896c-9cca-4e4d-b26d-0103a8b39bf7/smart-forms","title":"Smart Forms <= 2.6.93 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"4e6a896c-9cca-4e4d-b26d-0103a8b39bf7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4e6a896c-9cca-4e4d-b26d-0103a8b39bf7?source=api-prod","cve":"CVE-2024-1307","affectedVersions":"<=2.6.93","severity":"medium"},{"advisoryId":"WPSECADV/WF/5331c7cc-3854-4975-9f28-e9b0d6407227/smart-forms","title":"Smart Forms – when you need more than just a contact form <= 2.1.0 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2014-11-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"5331c7cc-3854-4975-9f28-e9b0d6407227"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5331c7cc-3854-4975-9f28-e9b0d6407227?source=api-prod","cve":"CVE-2014-8803","affectedVersions":"<=2.1.0","severity":"high"},{"advisoryId":"WPSECADV/WF/7f52cbb4-8fe3-4402-8ece-261d32329a42/smart-forms","title":"Smart Forms <= 2.6.98 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-23 13:53:24","sources":[{"name":"Wordfence","remoteId":"7f52cbb4-8fe3-4402-8ece-261d32329a42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7f52cbb4-8fe3-4402-8ece-261d32329a42?source=api-prod","cve":"CVE-2025-5055","affectedVersions":"<=2.6.98","severity":"medium"},{"advisoryId":"WPSECADV/WF/81939cc9-b8f7-4c40-b963-4f6f8c7043e7/smart-forms","title":"Smart Forms < 2.6.26 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-02-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"81939cc9-b8f7-4c40-b963-4f6f8c7043e7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/81939cc9-b8f7-4c40-b963-4f6f8c7043e7?source=api-prod","cve":"CVE-2019-5924","affectedVersions":"<2.6.26","severity":"high"},{"advisoryId":"WPSECADV/WF/8a643fa1-afdb-4710-ba1c-3b226b4098bd/smart-forms","title":"Smart Forms <= 2.6.91 - Missing Authorization to Notice Dismissal\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"8a643fa1-afdb-4710-ba1c-3b226b4098bd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8a643fa1-afdb-4710-ba1c-3b226b4098bd?source=api-prod","cve":"CVE-2024-33593","affectedVersions":"<=2.6.91","severity":"medium"},{"advisoryId":"WPSECADV/WF/9ed9c59c-191f-4219-8701-ce2f088b3b6d/smart-forms","title":"Smart Forms <= 2.6.93 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"9ed9c59c-191f-4219-8701-ce2f088b3b6d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9ed9c59c-191f-4219-8701-ce2f088b3b6d?source=api-prod","cve":"CVE-2024-1306","affectedVersions":"<=2.6.93","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/29c762c7-7bb9-42bc-9e22-0f4da2a5c59b/smart-forms","title":"Smart Forms <= 2.6.86 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"29c762c7-7bb9-42bc-9e22-0f4da2a5c59b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/29c762c7-7bb9-42bc-9e22-0f4da2a5c59b?source=api-prod","cve":"CVE-2023-7203","affectedVersions":"<=2.6.86","severity":"medium"},{"advisoryId":"WPSECADV/WF/34a6d349-dfdc-4301-9380-7fc64c25f043/smart-forms","title":"Smart Forms < 2.6.71 - Missing Authorization to Sensitive Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-02-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"34a6d349-dfdc-4301-9380-7fc64c25f043"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/34a6d349-dfdc-4301-9380-7fc64c25f043?source=api-prod","cve":"CVE-2022-0163","affectedVersions":"<2.6.71","severity":"medium"},{"advisoryId":"WPSECADV/WF/372149c4-b6b4-43c8-896f-af69712f3a82/smart-forms","title":"Smart Forms – when you need more than just a contact form <= 2.9.95 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"372149c4-b6b4-43c8-896f-af69712f3a82"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/372149c4-b6b4-43c8-896f-af69712f3a82?source=api-prod","cve":"CVE-2024-1905","affectedVersions":"<=2.6.95","severity":"medium"},{"advisoryId":"WPSECADV/WF/381ec109-ca51-4011-b7e0-aec636540d59/smart-forms","title":"Smart Forms <= 2.6.100 - Missing Authorization to Authenticated (Subscriber+) Campaign Data Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-13 18:31:39","sources":[{"name":"Wordfence","remoteId":"381ec109-ca51-4011-b7e0-aec636540d59"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/381ec109-ca51-4011-b7e0-aec636540d59?source=api-prod","cve":"CVE-2026-2022","affectedVersions":"<=2.6.100","severity":"medium"},{"advisoryId":"WPSECADV/WF/3ac48cd9-1de5-4840-b3f3-dc24ca52442e/smart-forms","title":"Smart Forms <= 2.6.84 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"3ac48cd9-1de5-4840-b3f3-dc24ca52442e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3ac48cd9-1de5-4840-b3f3-dc24ca52442e?source=api-prod","cve":"CVE-2023-49856","affectedVersions":"<=2.6.84","severity":"high"},{"advisoryId":"WPSECADV/WF/4e6a896c-9cca-4e4d-b26d-0103a8b39bf7/smart-forms","title":"Smart Forms <= 2.6.93 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"4e6a896c-9cca-4e4d-b26d-0103a8b39bf7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4e6a896c-9cca-4e4d-b26d-0103a8b39bf7?source=api-prod","cve":"CVE-2024-1307","affectedVersions":"<=2.6.93","severity":"medium"},{"advisoryId":"WPSECADV/WF/5331c7cc-3854-4975-9f28-e9b0d6407227/smart-forms","title":"Smart Forms – when you need more than just a contact form <= 2.1.0 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2014-11-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"5331c7cc-3854-4975-9f28-e9b0d6407227"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5331c7cc-3854-4975-9f28-e9b0d6407227?source=api-prod","cve":"CVE-2014-8803","affectedVersions":"<=2.1.0","severity":"high"},{"advisoryId":"WPSECADV/WF/7f52cbb4-8fe3-4402-8ece-261d32329a42/smart-forms","title":"Smart Forms <= 2.6.98 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-23 13:53:24","sources":[{"name":"Wordfence","remoteId":"7f52cbb4-8fe3-4402-8ece-261d32329a42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7f52cbb4-8fe3-4402-8ece-261d32329a42?source=api-prod","cve":"CVE-2025-5055","affectedVersions":"<=2.6.98","severity":"medium"},{"advisoryId":"WPSECADV/WF/81939cc9-b8f7-4c40-b963-4f6f8c7043e7/smart-forms","title":"Smart Forms < 2.6.26 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-02-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"81939cc9-b8f7-4c40-b963-4f6f8c7043e7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/81939cc9-b8f7-4c40-b963-4f6f8c7043e7?source=api-prod","cve":"CVE-2019-5924","affectedVersions":"<2.6.26","severity":"high"},{"advisoryId":"WPSECADV/WF/8a643fa1-afdb-4710-ba1c-3b226b4098bd/smart-forms","title":"Smart Forms <= 2.6.91 - Missing Authorization to Notice Dismissal\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"8a643fa1-afdb-4710-ba1c-3b226b4098bd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8a643fa1-afdb-4710-ba1c-3b226b4098bd?source=api-prod","cve":"CVE-2024-33593","affectedVersions":"<=2.6.91","severity":"medium"},{"advisoryId":"WPSECADV/WF/9ed9c59c-191f-4219-8701-ce2f088b3b6d/smart-forms","title":"Smart Forms <= 2.6.93 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"9ed9c59c-191f-4219-8701-ce2f088b3b6d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9ed9c59c-191f-4219-8701-ce2f088b3b6d?source=api-prod","cve":"CVE-2024-1306","affectedVersions":"<=2.6.93","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_757365722d726567697374726174696f6e811c9dc5_gen.json b/internal/data/assets/plugin_757365722d726567697374726174696f6e811c9dc5_gen.json index 292b8907..6bb7afbb 100644 --- a/internal/data/assets/plugin_757365722d726567697374726174696f6e811c9dc5_gen.json +++ b/internal/data/assets/plugin_757365722d726567697374726174696f6e811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/020bed37-9544-49b7-941d-3b7f509fdfdf/user-registration","title":"User Registration & Membership <= 5.1.4 - Unauthenticated Open Redirect via 'redirect_to_on_logout' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-13 09:51:38","sources":[{"name":"Wordfence","remoteId":"020bed37-9544-49b7-941d-3b7f509fdfdf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/020bed37-9544-49b7-941d-3b7f509fdfdf?source=api-prod","cve":"CVE-2026-6203","affectedVersions":"<=5.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/07c79459-66b8-4c93-a1cd-6e3ede95643f/user-registration","title":"User Registration & Membership <= 5.1.2 - Authenticated (Subscriber+) SQL Injection via membership_ids[]\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-07 23:11:46","sources":[{"name":"Wordfence","remoteId":"07c79459-66b8-4c93-a1cd-6e3ede95643f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/07c79459-66b8-4c93-a1cd-6e3ede95643f?source=api-prod","cve":"CVE-2026-1865","affectedVersions":"<=5.1.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/0e0bee7c-8dce-421c-af16-7e5152797e6c/user-registration","title":"User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.0.4 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-02-27 16:48:16","sources":[{"name":"Wordfence","remoteId":"0e0bee7c-8dce-421c-af16-7e5152797e6c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0e0bee7c-8dce-421c-af16-7e5152797e6c?source=api-prod","cve":"CVE-2025-1511","affectedVersions":"<=4.0.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/1b70b9b1-bde9-4a32-ae7b-a4c8d73abbc4/user-registration","title":"User Registration – Custom Registration Form, Login Form And User Profile For WordPress <= 3.0.4.1 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"1b70b9b1-bde9-4a32-ae7b-a4c8d73abbc4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1b70b9b1-bde9-4a32-ae7b-a4c8d73abbc4?source=api-prod","cve":"CVE-2023-5228","affectedVersions":"<=3.0.4.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/2244945a-5b3a-463d-9910-46a6f7afaf6c/user-registration","title":"User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin <= 4.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-15 02:13:58","sources":[{"name":"Wordfence","remoteId":"2244945a-5b3a-463d-9910-46a6f7afaf6c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2244945a-5b3a-463d-9910-46a6f7afaf6c?source=api-prod","cve":"CVE-2025-13367","affectedVersions":"<=4.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/26529849-c52c-40e5-8085-6764c22a03e7/user-registration","title":"User Registration <= 2.3.0 - Authenticated (Administrator+) Stored Cross Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"26529849-c52c-40e5-8085-6764c22a03e7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26529849-c52c-40e5-8085-6764c22a03e7?source=api-prod","cve":"CVE-2023-23987","affectedVersions":"<=2.3.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/30339ff6-b6bf-4c56-b6cd-db0b8a6ce8b6/user-registration","title":"User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.2.1 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"30339ff6-b6bf-4c56-b6cd-db0b8a6ce8b6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/30339ff6-b6bf-4c56-b6cd-db0b8a6ce8b6?source=api-prod","cve":"CVE-2025-3281","affectedVersions":"<=4.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/3590277a-3319-4707-b728-d75ea59e8ad9/user-registration","title":"User Registration <= 3.0.1 - Authenticated (Subscriber+) PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"3590277a-3319-4707-b728-d75ea59e8ad9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3590277a-3319-4707-b728-d75ea59e8ad9?source=api-prod","cve":"CVE-2023-3343","affectedVersions":"<=3.0.1","severity":"high"},{"advisoryId":"WPSECADV/WF/50f3e469-f788-45da-95e7-aa6da1e87fd1/user-registration","title":"User Registration <= 4.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via urcr_restrict Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-21 12:46:27","sources":[{"name":"Wordfence","remoteId":"50f3e469-f788-45da-95e7-aa6da1e87fd1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/50f3e469-f788-45da-95e7-aa6da1e87fd1?source=api-prod","cve":"CVE-2025-6831","affectedVersions":"<=4.2.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/5835fed0-5b9d-47b5-82ae-f0f19830ae2a/user-registration","title":"User Registration <= 2.3.2.1 - PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-03-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"5835fed0-5b9d-47b5-82ae-f0f19830ae2a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5835fed0-5b9d-47b5-82ae-f0f19830ae2a?source=api-prod","cve":"CVE-2023-27459","affectedVersions":"<=2.3.2.1","severity":"high"},{"advisoryId":"WPSECADV/WF/59a63cd8-9d33-4a2c-a499-5b1ee38c07d6/user-registration","title":"User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Authenticated (Subscriber+) User Password Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-11 17:44:06","sources":[{"name":"Wordfence","remoteId":"59a63cd8-9d33-4a2c-a499-5b1ee38c07d6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/59a63cd8-9d33-4a2c-a499-5b1ee38c07d6?source=api-prod","cve":"CVE-2025-3292","affectedVersions":"<=4.1.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/6193139b-52bf-425c-b1d3-c6fbd9185f06/user-registration","title":"User Registration <= 4.4.6 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"6193139b-52bf-425c-b1d3-c6fbd9185f06"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6193139b-52bf-425c-b1d3-c6fbd9185f06?source=api-prod","cve":"CVE-2025-67956","affectedVersions":"<=4.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/62b809dc-4089-4822-8aeb-7049fcfe376e/user-registration","title":"User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.4 - Unauthenticated Stored Self-Based Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"62b809dc-4089-4822-8aeb-7049fcfe376e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/62b809dc-4089-4822-8aeb-7049fcfe376e?source=api-prod","cve":"CVE-2024-1720","affectedVersions":"<=3.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/710574a8-a6e2-4ee6-9ea7-03a34994fec7/user-registration","title":"User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.2.0.1 - Missing Authorization to Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-31 18:57:59","sources":[{"name":"Wordfence","remoteId":"710574a8-a6e2-4ee6-9ea7-03a34994fec7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/710574a8-a6e2-4ee6-9ea7-03a34994fec7?source=api-prod","cve":"CVE-2024-4958","affectedVersions":"<=3.2.0.1","severity":"high"},{"advisoryId":"WPSECADV/WF/761a4801-fc4a-40a0-b5aa-303d88a87062/user-registration","title":"User Registration <= 1.5.5 - Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-01-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"761a4801-fc4a-40a0-b5aa-303d88a87062"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/761a4801-fc4a-40a0-b5aa-303d88a87062?source=api-prod","affectedVersions":"<=1.5.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/7bb5a5a2-9644-4850-a5f9-7c925af000c8/user-registration","title":"User Registration & Membership <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Content Access Rule Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-23 11:24:15","sources":[{"name":"Wordfence","remoteId":"7bb5a5a2-9644-4850-a5f9-7c925af000c8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7bb5a5a2-9644-4850-a5f9-7c925af000c8?source=api-prod","cve":"CVE-2026-4056","affectedVersions":"<=5.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/7e9fec92-f471-4ce9-9138-1c58ad658da2/user-registration","title":"User Registration & Membership <= 5.1.2 - Unauthenticated Privilege Escalation via Membership Registration\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-02 16:05:18","sources":[{"name":"Wordfence","remoteId":"7e9fec92-f471-4ce9-9138-1c58ad658da2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7e9fec92-f471-4ce9-9138-1c58ad658da2?source=api-prod","cve":"CVE-2026-1492","affectedVersions":"<=5.1.2","severity":"critical"},{"advisoryId":"WPSECADV/WF/864a3444-0479-4b9f-beca-584a4a9b8682/user-registration","title":"User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.5 - Missing Authorization to Unauthenticated Media Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"864a3444-0479-4b9f-beca-584a4a9b8682"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/864a3444-0479-4b9f-beca-584a4a9b8682?source=api-prod","cve":"CVE-2024-3295","affectedVersions":"<=3.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/98345631-45df-419b-aada-b7053a31b68c/user-registration","title":"User Registration <= 4.1.5 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"98345631-45df-419b-aada-b7053a31b68c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/98345631-45df-419b-aada-b7053a31b68c?source=api-prod","cve":"CVE-2025-39400","affectedVersions":"<=4.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/a4149783-ffa3-4efd-af55-5aa1c0e44443/user-registration","title":"User Registration & Membership <= 4.1.2 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"a4149783-ffa3-4efd-af55-5aa1c0e44443"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a4149783-ffa3-4efd-af55-5aa1c0e44443?source=api-prod","cve":"CVE-2025-2594","affectedVersions":"<=4.1.2","severity":"high"},{"advisoryId":"WPSECADV/WF/a5a1ccb2-4f78-4855-a01d-b15f73407822/user-registration","title":"User Registration & Membership <= 5.1.2 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-25 13:29:35","sources":[{"name":"Wordfence","remoteId":"a5a1ccb2-4f78-4855-a01d-b15f73407822"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a5a1ccb2-4f78-4855-a01d-b15f73407822?source=api-prod","cve":"CVE-2026-2356","affectedVersions":"<=5.1.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/a671128a-74e6-4f92-94af-9e5e37ed7b7a/user-registration","title":"User Registration <= 2.3.2.1 - Missing Authorization via send_test_email\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"a671128a-74e6-4f92-94af-9e5e37ed7b7a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a671128a-74e6-4f92-94af-9e5e37ed7b7a?source=api-prod","cve":"CVE-2023-29429","affectedVersions":"<=2.3.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/a979e885-f7dd-4616-a881-64f3d97c309d/user-registration","title":"User Registration <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"a979e885-f7dd-4616-a881-64f3d97c309d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a979e885-f7dd-4616-a881-64f3d97c309d?source=api-prod","cve":"CVE-2023-3342","affectedVersions":"<=3.0.2","severity":"critical"},{"advisoryId":"WPSECADV/WF/ba326241-46a3-4891-a180-d7977f4e83ed/user-registration","title":"User Registration & Membership <= 4.3.0 - Authenticated (Admin+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"ba326241-46a3-4891-a180-d7977f4e83ed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ba326241-46a3-4891-a180-d7977f4e83ed?source=api-prod","cve":"CVE-2025-9085","affectedVersions":"<=4.3.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/c07ea205-5a05-43f5-993e-c6e30f660ac8/user-registration","title":"User Registration <= 2.2.4 - Authenticated (Subscriber+) Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"c07ea205-5a05-43f5-993e-c6e30f660ac8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c07ea205-5a05-43f5-993e-c6e30f660ac8?source=api-prod","cve":"CVE-2022-3912","affectedVersions":"<=2.2.4","severity":"high"},{"advisoryId":"WPSECADV/WF/c525b41c-dca5-442a-927e-4583cb303ed1/user-registration","title":"User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"c525b41c-dca5-442a-927e-4583cb303ed1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c525b41c-dca5-442a-927e-4583cb303ed1?source=api-prod","cve":"CVE-2025-3282","affectedVersions":"<=4.1.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/cd4c2c11-2d73-48b4-8e7e-e281451973a2/user-registration","title":"User Registration <= 4.4.9 - Authenticated (Subscriber+) Arbitrary Shortcode Execution\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"cd4c2c11-2d73-48b4-8e7e-e281451973a2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cd4c2c11-2d73-48b4-8e7e-e281451973a2?source=api-prod","cve":"CVE-2026-24353","affectedVersions":"<=4.4.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/d03459d8-b1f2-4270-a294-403754db1f2f/user-registration","title":"User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.5 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"d03459d8-b1f2-4270-a294-403754db1f2f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d03459d8-b1f2-4270-a294-403754db1f2f?source=api-prod","cve":"CVE-2024-2417","affectedVersions":"<=3.1.5","severity":"high"},{"advisoryId":"WPSECADV/WF/d99bc021-ba9e-4294-8dd2-c25bc8007d05/user-registration","title":"User Registration & Membership <= 5.1.2 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-25 13:29:34","sources":[{"name":"Wordfence","remoteId":"d99bc021-ba9e-4294-8dd2-c25bc8007d05"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d99bc021-ba9e-4294-8dd2-c25bc8007d05?source=api-prod","cve":"CVE-2026-1779","affectedVersions":"<=5.1.2","severity":"high"},{"advisoryId":"WPSECADV/WF/e5495b4c-a1ac-4860-83a7-686d9436d983/user-registration","title":"User Registration & Membership <= 4.4.8 - Cross-Site Request Forgery to Arbitrary Post Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-09 20:16:56","sources":[{"name":"Wordfence","remoteId":"e5495b4c-a1ac-4860-83a7-686d9436d983"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e5495b4c-a1ac-4860-83a7-686d9436d983?source=api-prod","cve":"CVE-2025-14976","affectedVersions":"<=4.4.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/ea59d04e-b332-49f8-bf3f-6e0cda3be712/user-registration","title":"User Registration <= 4.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"ea59d04e-b332-49f8-bf3f-6e0cda3be712"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ea59d04e-b332-49f8-bf3f-6e0cda3be712?source=api-prod","cve":"CVE-2025-30899","affectedVersions":"<=4.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/ffd9cbd1-f8a9-401e-8cdd-1ff16f438b4a/user-registration","title":"User Registration & Membership <= 4.1.1 - Unauthenticated Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"ffd9cbd1-f8a9-401e-8cdd-1ff16f438b4a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ffd9cbd1-f8a9-401e-8cdd-1ff16f438b4a?source=api-prod","cve":"CVE-2025-2563","affectedVersions":"<=4.1.1","severity":"critical"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/020bed37-9544-49b7-941d-3b7f509fdfdf/user-registration","title":"User Registration & Membership <= 5.1.4 - Unauthenticated Open Redirect via 'redirect_to_on_logout' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-13 09:51:38","sources":[{"name":"Wordfence","remoteId":"020bed37-9544-49b7-941d-3b7f509fdfdf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/020bed37-9544-49b7-941d-3b7f509fdfdf?source=api-prod","cve":"CVE-2026-6203","affectedVersions":"<=5.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/07c79459-66b8-4c93-a1cd-6e3ede95643f/user-registration","title":"User Registration & Membership <= 5.1.2 - Authenticated (Subscriber+) SQL Injection via membership_ids[]\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-07 23:11:46","sources":[{"name":"Wordfence","remoteId":"07c79459-66b8-4c93-a1cd-6e3ede95643f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/07c79459-66b8-4c93-a1cd-6e3ede95643f?source=api-prod","cve":"CVE-2026-1865","affectedVersions":"<=5.1.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/0e0bee7c-8dce-421c-af16-7e5152797e6c/user-registration","title":"User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.0.4 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-02-27 16:48:16","sources":[{"name":"Wordfence","remoteId":"0e0bee7c-8dce-421c-af16-7e5152797e6c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0e0bee7c-8dce-421c-af16-7e5152797e6c?source=api-prod","cve":"CVE-2025-1511","affectedVersions":"<=4.0.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/1b70b9b1-bde9-4a32-ae7b-a4c8d73abbc4/user-registration","title":"User Registration – Custom Registration Form, Login Form And User Profile For WordPress <= 3.0.4.1 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"1b70b9b1-bde9-4a32-ae7b-a4c8d73abbc4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1b70b9b1-bde9-4a32-ae7b-a4c8d73abbc4?source=api-prod","cve":"CVE-2023-5228","affectedVersions":"<=3.0.4.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/2244945a-5b3a-463d-9910-46a6f7afaf6c/user-registration","title":"User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin <= 4.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-15 02:13:58","sources":[{"name":"Wordfence","remoteId":"2244945a-5b3a-463d-9910-46a6f7afaf6c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2244945a-5b3a-463d-9910-46a6f7afaf6c?source=api-prod","cve":"CVE-2025-13367","affectedVersions":"<=4.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/26529849-c52c-40e5-8085-6764c22a03e7/user-registration","title":"User Registration <= 2.3.0 - Authenticated (Administrator+) Stored Cross Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"26529849-c52c-40e5-8085-6764c22a03e7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26529849-c52c-40e5-8085-6764c22a03e7?source=api-prod","cve":"CVE-2023-23987","affectedVersions":"<=2.3.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/30339ff6-b6bf-4c56-b6cd-db0b8a6ce8b6/user-registration","title":"User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.2.1 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"30339ff6-b6bf-4c56-b6cd-db0b8a6ce8b6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/30339ff6-b6bf-4c56-b6cd-db0b8a6ce8b6?source=api-prod","cve":"CVE-2025-3281","affectedVersions":"<=4.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/3590277a-3319-4707-b728-d75ea59e8ad9/user-registration","title":"User Registration <= 3.0.1 - Authenticated (Subscriber+) PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"3590277a-3319-4707-b728-d75ea59e8ad9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3590277a-3319-4707-b728-d75ea59e8ad9?source=api-prod","cve":"CVE-2023-3343","affectedVersions":"<=3.0.1","severity":"high"},{"advisoryId":"WPSECADV/WF/50f3e469-f788-45da-95e7-aa6da1e87fd1/user-registration","title":"User Registration <= 4.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via urcr_restrict Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-21 12:46:27","sources":[{"name":"Wordfence","remoteId":"50f3e469-f788-45da-95e7-aa6da1e87fd1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/50f3e469-f788-45da-95e7-aa6da1e87fd1?source=api-prod","cve":"CVE-2025-6831","affectedVersions":"<=4.2.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/5835fed0-5b9d-47b5-82ae-f0f19830ae2a/user-registration","title":"User Registration <= 2.3.2.1 - PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-03-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"5835fed0-5b9d-47b5-82ae-f0f19830ae2a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5835fed0-5b9d-47b5-82ae-f0f19830ae2a?source=api-prod","cve":"CVE-2023-27459","affectedVersions":"<=2.3.2.1","severity":"high"},{"advisoryId":"WPSECADV/WF/59a63cd8-9d33-4a2c-a499-5b1ee38c07d6/user-registration","title":"User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Authenticated (Subscriber+) User Password Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-11 17:44:06","sources":[{"name":"Wordfence","remoteId":"59a63cd8-9d33-4a2c-a499-5b1ee38c07d6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/59a63cd8-9d33-4a2c-a499-5b1ee38c07d6?source=api-prod","cve":"CVE-2025-3292","affectedVersions":"<=4.1.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/6193139b-52bf-425c-b1d3-c6fbd9185f06/user-registration","title":"User Registration <= 4.4.6 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"6193139b-52bf-425c-b1d3-c6fbd9185f06"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6193139b-52bf-425c-b1d3-c6fbd9185f06?source=api-prod","cve":"CVE-2025-67956","affectedVersions":"<=4.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/62b809dc-4089-4822-8aeb-7049fcfe376e/user-registration","title":"User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.4 - Unauthenticated Stored Self-Based Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"62b809dc-4089-4822-8aeb-7049fcfe376e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/62b809dc-4089-4822-8aeb-7049fcfe376e?source=api-prod","cve":"CVE-2024-1720","affectedVersions":"<=3.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/710574a8-a6e2-4ee6-9ea7-03a34994fec7/user-registration","title":"User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.2.0.1 - Missing Authorization to Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-31 18:57:59","sources":[{"name":"Wordfence","remoteId":"710574a8-a6e2-4ee6-9ea7-03a34994fec7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/710574a8-a6e2-4ee6-9ea7-03a34994fec7?source=api-prod","cve":"CVE-2024-4958","affectedVersions":"<=3.2.0.1","severity":"high"},{"advisoryId":"WPSECADV/WF/761a4801-fc4a-40a0-b5aa-303d88a87062/user-registration","title":"User Registration <= 1.5.5 - Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-01-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"761a4801-fc4a-40a0-b5aa-303d88a87062"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/761a4801-fc4a-40a0-b5aa-303d88a87062?source=api-prod","affectedVersions":"<=1.5.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/7bb5a5a2-9644-4850-a5f9-7c925af000c8/user-registration","title":"User Registration & Membership <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Content Access Rule Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-23 11:24:15","sources":[{"name":"Wordfence","remoteId":"7bb5a5a2-9644-4850-a5f9-7c925af000c8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7bb5a5a2-9644-4850-a5f9-7c925af000c8?source=api-prod","cve":"CVE-2026-4056","affectedVersions":"<=5.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/7e9fec92-f471-4ce9-9138-1c58ad658da2/user-registration","title":"User Registration & Membership <= 5.1.2 - Unauthenticated Privilege Escalation via Membership Registration\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-02 16:05:18","sources":[{"name":"Wordfence","remoteId":"7e9fec92-f471-4ce9-9138-1c58ad658da2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7e9fec92-f471-4ce9-9138-1c58ad658da2?source=api-prod","cve":"CVE-2026-1492","affectedVersions":"<=5.1.2","severity":"critical"},{"advisoryId":"WPSECADV/WF/864a3444-0479-4b9f-beca-584a4a9b8682/user-registration","title":"User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.5 - Missing Authorization to Unauthenticated Media Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"864a3444-0479-4b9f-beca-584a4a9b8682"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/864a3444-0479-4b9f-beca-584a4a9b8682?source=api-prod","cve":"CVE-2024-3295","affectedVersions":"<=3.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/98345631-45df-419b-aada-b7053a31b68c/user-registration","title":"User Registration <= 4.1.5 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"98345631-45df-419b-aada-b7053a31b68c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/98345631-45df-419b-aada-b7053a31b68c?source=api-prod","cve":"CVE-2025-39400","affectedVersions":"<=4.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/a4149783-ffa3-4efd-af55-5aa1c0e44443/user-registration","title":"User Registration & Membership <= 4.1.2 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"a4149783-ffa3-4efd-af55-5aa1c0e44443"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a4149783-ffa3-4efd-af55-5aa1c0e44443?source=api-prod","cve":"CVE-2025-2594","affectedVersions":"<=4.1.2","severity":"high"},{"advisoryId":"WPSECADV/WF/a5a1ccb2-4f78-4855-a01d-b15f73407822/user-registration","title":"User Registration & Membership <= 5.1.2 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-25 13:29:35","sources":[{"name":"Wordfence","remoteId":"a5a1ccb2-4f78-4855-a01d-b15f73407822"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a5a1ccb2-4f78-4855-a01d-b15f73407822?source=api-prod","cve":"CVE-2026-2356","affectedVersions":"<=5.1.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/a671128a-74e6-4f92-94af-9e5e37ed7b7a/user-registration","title":"User Registration <= 2.3.2.1 - Missing Authorization via send_test_email\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"a671128a-74e6-4f92-94af-9e5e37ed7b7a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a671128a-74e6-4f92-94af-9e5e37ed7b7a?source=api-prod","cve":"CVE-2023-29429","affectedVersions":"<=2.3.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/a979e885-f7dd-4616-a881-64f3d97c309d/user-registration","title":"User Registration <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"a979e885-f7dd-4616-a881-64f3d97c309d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a979e885-f7dd-4616-a881-64f3d97c309d?source=api-prod","cve":"CVE-2023-3342","affectedVersions":"<=3.0.2","severity":"critical"},{"advisoryId":"WPSECADV/WF/ba326241-46a3-4891-a180-d7977f4e83ed/user-registration","title":"User Registration & Membership <= 4.3.0 - Authenticated (Admin+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"ba326241-46a3-4891-a180-d7977f4e83ed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ba326241-46a3-4891-a180-d7977f4e83ed?source=api-prod","cve":"CVE-2025-9085","affectedVersions":"<=4.3.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/c07ea205-5a05-43f5-993e-c6e30f660ac8/user-registration","title":"User Registration <= 2.2.4 - Authenticated (Subscriber+) Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"c07ea205-5a05-43f5-993e-c6e30f660ac8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c07ea205-5a05-43f5-993e-c6e30f660ac8?source=api-prod","cve":"CVE-2022-3912","affectedVersions":"<=2.2.4","severity":"high"},{"advisoryId":"WPSECADV/WF/c525b41c-dca5-442a-927e-4583cb303ed1/user-registration","title":"User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"c525b41c-dca5-442a-927e-4583cb303ed1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c525b41c-dca5-442a-927e-4583cb303ed1?source=api-prod","cve":"CVE-2025-3282","affectedVersions":"<=4.1.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/c8798fb2-4cab-4960-9e32-fd74bb4a5091/user-registration","title":"User Registration & Membership <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Limited Page Content Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 19:57:08","sources":[{"name":"Wordfence","remoteId":"c8798fb2-4cab-4960-9e32-fd74bb4a5091"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c8798fb2-4cab-4960-9e32-fd74bb4a5091?source=api-prod","cve":"CVE-2026-3601","affectedVersions":"<=5.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/cd4c2c11-2d73-48b4-8e7e-e281451973a2/user-registration","title":"User Registration <= 4.4.9 - Authenticated (Subscriber+) Arbitrary Shortcode Execution\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"cd4c2c11-2d73-48b4-8e7e-e281451973a2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cd4c2c11-2d73-48b4-8e7e-e281451973a2?source=api-prod","cve":"CVE-2026-24353","affectedVersions":"<=4.4.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/d03459d8-b1f2-4270-a294-403754db1f2f/user-registration","title":"User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.5 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"d03459d8-b1f2-4270-a294-403754db1f2f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d03459d8-b1f2-4270-a294-403754db1f2f?source=api-prod","cve":"CVE-2024-2417","affectedVersions":"<=3.1.5","severity":"high"},{"advisoryId":"WPSECADV/WF/d99bc021-ba9e-4294-8dd2-c25bc8007d05/user-registration","title":"User Registration & Membership <= 5.1.2 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-25 13:29:34","sources":[{"name":"Wordfence","remoteId":"d99bc021-ba9e-4294-8dd2-c25bc8007d05"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d99bc021-ba9e-4294-8dd2-c25bc8007d05?source=api-prod","cve":"CVE-2026-1779","affectedVersions":"<=5.1.2","severity":"high"},{"advisoryId":"WPSECADV/WF/e5495b4c-a1ac-4860-83a7-686d9436d983/user-registration","title":"User Registration & Membership <= 4.4.8 - Cross-Site Request Forgery to Arbitrary Post Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-09 20:16:56","sources":[{"name":"Wordfence","remoteId":"e5495b4c-a1ac-4860-83a7-686d9436d983"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e5495b4c-a1ac-4860-83a7-686d9436d983?source=api-prod","cve":"CVE-2025-14976","affectedVersions":"<=4.4.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/ea59d04e-b332-49f8-bf3f-6e0cda3be712/user-registration","title":"User Registration <= 4.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"ea59d04e-b332-49f8-bf3f-6e0cda3be712"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ea59d04e-b332-49f8-bf3f-6e0cda3be712?source=api-prod","cve":"CVE-2025-30899","affectedVersions":"<=4.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/ffd9cbd1-f8a9-401e-8cdd-1ff16f438b4a/user-registration","title":"User Registration & Membership <= 4.1.1 - Unauthenticated Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"ffd9cbd1-f8a9-401e-8cdd-1ff16f438b4a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ffd9cbd1-f8a9-401e-8cdd-1ff16f438b4a?source=api-prod","cve":"CVE-2025-2563","affectedVersions":"<=4.1.1","severity":"critical"}] \ No newline at end of file diff --git a/internal/data/assets/theme_62657468656d65811c9dc5_gen.json b/internal/data/assets/theme_62657468656d65811c9dc5_gen.json index 27ea8534..98b31dba 100644 --- a/internal/data/assets/theme_62657468656d65811c9dc5_gen.json +++ b/internal/data/assets/theme_62657468656d65811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/340c14ea-70b9-4f60-84b3-97328432f110/betheme","title":"Betheme <= 27.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-20 21:55:18","sources":[{"name":"Wordfence","remoteId":"340c14ea-70b9-4f60-84b3-97328432f110"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/340c14ea-70b9-4f60-84b3-97328432f110?source=api-prod","cve":"CVE-2025-0450","affectedVersions":"<=27.6.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/3ec44487-7529-46a8-b2eb-cc5fe0f8f062/betheme","title":"Betheme <= 26.6.2 - Missing Authorization to Theme Settings Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"3ec44487-7529-46a8-b2eb-cc5fe0f8f062"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3ec44487-7529-46a8-b2eb-cc5fe0f8f062?source=api-prod","cve":"CVE-2022-45352","affectedVersions":"<=26.6.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/5b655b04-1f2f-4745-8237-7ef3f8e31ace/betheme","title":"Betheme | Responsive Multipurpose WordPress & WooCommerce Theme <= 27.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-29 16:16:40","sources":[{"name":"Wordfence","remoteId":"5b655b04-1f2f-4745-8237-7ef3f8e31ace"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5b655b04-1f2f-4745-8237-7ef3f8e31ace?source=api-prod","cve":"CVE-2024-3998","affectedVersions":"<=27.5.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/5dfaa23f-05df-423c-a5f6-02f2b714b5b6/betheme","title":"Betheme | Responsive Multipurpose WordPress & WooCommerce Theme <= 27.5.5 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-12 17:35:48","sources":[{"name":"Wordfence","remoteId":"5dfaa23f-05df-423c-a5f6-02f2b714b5b6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5dfaa23f-05df-423c-a5f6-02f2b714b5b6?source=api-prod","cve":"CVE-2024-5567","affectedVersions":"<=27.5.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/62e75bb6-83d9-43db-8c89-0995698ca0ca/betheme","title":"Betheme <= 27.1.1 - Missing Authorization via '_tool_history_delete'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-08-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"62e75bb6-83d9-43db-8c89-0995698ca0ca"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/62e75bb6-83d9-43db-8c89-0995698ca0ca?source=api-prod","cve":"CVE-2023-39998","affectedVersions":"<=27.1.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/6eb8756b-7c0f-4bc9-9e24-07598efa9eee/betheme","title":"Betheme <= 28.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-08-05 15:36:42","sources":[{"name":"Wordfence","remoteId":"6eb8756b-7c0f-4bc9-9e24-07598efa9eee"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6eb8756b-7c0f-4bc9-9e24-07598efa9eee?source=api-prod","cve":"CVE-2025-7399","affectedVersions":"<=28.1.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/72bdc81e-1a9d-4dd8-93a5-fb1026d6a2d9/betheme","title":"Betheme <= 27.1.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"72bdc81e-1a9d-4dd8-93a5-fb1026d6a2d9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/72bdc81e-1a9d-4dd8-93a5-fb1026d6a2d9?source=api-prod","cve":"CVE-2023-47770","affectedVersions":"<=27.1.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/7a0a281d-840f-488f-b9ef-c0df8514b47c/betheme","title":"Betheme <= 28.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-15 19:05:04","sources":[{"name":"Wordfence","remoteId":"7a0a281d-840f-488f-b9ef-c0df8514b47c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7a0a281d-840f-488f-b9ef-c0df8514b47c?source=api-prod","cve":"CVE-2025-3077","affectedVersions":"<=28.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/7e1d4080-cd8a-455a-85f4-87f195ebe4a2/betheme","title":"Betheme <= 26.6.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"7e1d4080-cd8a-455a-85f4-87f195ebe4a2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7e1d4080-cd8a-455a-85f4-87f195ebe4a2?source=api-prod","cve":"CVE-2022-45363","affectedVersions":"<=26.6.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/8ff3b35c-f7e3-4cae-b7f1-1a0930173ac5/betheme","title":"Betheme <= 26.6.2 - Missing Authorization to Post Title Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"8ff3b35c-f7e3-4cae-b7f1-1a0930173ac5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8ff3b35c-f7e3-4cae-b7f1-1a0930173ac5?source=api-prod","cve":"CVE-2022-45349","affectedVersions":"<=26.6.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/a7c31409-c84a-4197-b08c-b70df5e66a80/betheme","title":"Betheme <= 27.5.6 - Authenticated (Contributor+) PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-29 16:01:16","sources":[{"name":"Wordfence","remoteId":"a7c31409-c84a-4197-b08c-b70df5e66a80"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a7c31409-c84a-4197-b08c-b70df5e66a80?source=api-prod","cve":"CVE-2024-2694","affectedVersions":"<=27.5.6","severity":"high"},{"advisoryId":"WPSECADV/WF/aa657530-7c85-4399-94bb-feaa7d21a47a/betheme","title":"Betheme <= 26.6.2 - Missing Authorization to Post Status Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"aa657530-7c85-4399-94bb-feaa7d21a47a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/aa657530-7c85-4399-94bb-feaa7d21a47a?source=api-prod","cve":"CVE-2022-45351","affectedVersions":"<=26.6.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/b8eec2f0-1b6f-45cf-8291-019bc1d08f9b/betheme","title":"Betheme <= 26.6.2 - Missing Authorization Check on Core Functionality\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"b8eec2f0-1b6f-45cf-8291-019bc1d08f9b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b8eec2f0-1b6f-45cf-8291-019bc1d08f9b?source=api-prod","cve":"CVE-2022-45356","affectedVersions":"<=26.6.1","severity":"high"},{"advisoryId":"WPSECADV/WF/c14b948f-129d-4223-b3ee-0bef1f9fc703/betheme","title":"Betheme <= 26.7.5 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"c14b948f-129d-4223-b3ee-0bef1f9fc703"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c14b948f-129d-4223-b3ee-0bef1f9fc703?source=api-prod","cve":"CVE-2023-29101","affectedVersions":"<=26.7.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/dc54b1c2-88fc-4b9b-901d-57bbc079c616/betheme","title":"Betheme <= 28.2 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"dc54b1c2-88fc-4b9b-901d-57bbc079c616"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/dc54b1c2-88fc-4b9b-901d-57bbc079c616?source=api-prod","cve":"CVE-2025-63075","affectedVersions":"<=28.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/f5e984d5-2537-4a4a-a071-084e0c1c3b5e/betheme","title":"Betheme <= 26.5.1.4 - Authenticated (Subscriber+) PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"f5e984d5-2537-4a4a-a071-084e0c1c3b5e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f5e984d5-2537-4a4a-a071-084e0c1c3b5e?source=api-prod","cve":"CVE-2022-3861","affectedVersions":"<=26.5.1.4","severity":"high"},{"advisoryId":"WPSECADV/WF/f8068fb3-5a19-4b17-848b-32cebfff2537/betheme","title":"Betheme <= 26.6.2 - Missing Authorization Checks to Private Page/Post Data Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"f8068fb3-5a19-4b17-848b-32cebfff2537"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f8068fb3-5a19-4b17-848b-32cebfff2537?source=api-prod","cve":"CVE-2022-45353","affectedVersions":"<=26.6.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/f9da9d45-39e2-4b07-baed-1f7d7f67602e/betheme","title":"Betheme <= 28.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'page_title'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"f9da9d45-39e2-4b07-baed-1f7d7f67602e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f9da9d45-39e2-4b07-baed-1f7d7f67602e?source=api-prod","cve":"CVE-2025-9371","affectedVersions":"<=28.1.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/fe00b89f-b475-4aec-8df8-89d842d92e4f/betheme","title":"Betheme <= 26.5.1.4 - Authenticated (Subscriber+) PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"fe00b89f-b475-4aec-8df8-89d842d92e4f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fe00b89f-b475-4aec-8df8-89d842d92e4f?source=api-prod","cve":"CVE-2022-45077","affectedVersions":"<=26.5.1.4","severity":"high"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/340c14ea-70b9-4f60-84b3-97328432f110/betheme","title":"Betheme <= 27.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-20 21:55:18","sources":[{"name":"Wordfence","remoteId":"340c14ea-70b9-4f60-84b3-97328432f110"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/340c14ea-70b9-4f60-84b3-97328432f110?source=api-prod","cve":"CVE-2025-0450","affectedVersions":"<=27.6.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/3486f114-5625-4751-a25e-2c5ab7b15b38/betheme","title":"Betheme <= 28.4 - Authenticated (Contributor+) Arbitrary File Deletion via 'mfn-icon-upload'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 21:38:53","sources":[{"name":"Wordfence","remoteId":"3486f114-5625-4751-a25e-2c5ab7b15b38"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3486f114-5625-4751-a25e-2c5ab7b15b38?source=api-prod","cve":"CVE-2026-6262","affectedVersions":"<=28.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/3ec44487-7529-46a8-b2eb-cc5fe0f8f062/betheme","title":"Betheme <= 26.6.2 - Missing Authorization to Theme Settings Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"3ec44487-7529-46a8-b2eb-cc5fe0f8f062"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3ec44487-7529-46a8-b2eb-cc5fe0f8f062?source=api-prod","cve":"CVE-2022-45352","affectedVersions":"<=26.6.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/5b655b04-1f2f-4745-8237-7ef3f8e31ace/betheme","title":"Betheme | Responsive Multipurpose WordPress & WooCommerce Theme <= 27.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-29 16:16:40","sources":[{"name":"Wordfence","remoteId":"5b655b04-1f2f-4745-8237-7ef3f8e31ace"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5b655b04-1f2f-4745-8237-7ef3f8e31ace?source=api-prod","cve":"CVE-2024-3998","affectedVersions":"<=27.5.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/5dfaa23f-05df-423c-a5f6-02f2b714b5b6/betheme","title":"Betheme | Responsive Multipurpose WordPress & WooCommerce Theme <= 27.5.5 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-12 17:35:48","sources":[{"name":"Wordfence","remoteId":"5dfaa23f-05df-423c-a5f6-02f2b714b5b6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5dfaa23f-05df-423c-a5f6-02f2b714b5b6?source=api-prod","cve":"CVE-2024-5567","affectedVersions":"<=27.5.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/62e75bb6-83d9-43db-8c89-0995698ca0ca/betheme","title":"Betheme <= 27.1.1 - Missing Authorization via '_tool_history_delete'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-08-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"62e75bb6-83d9-43db-8c89-0995698ca0ca"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/62e75bb6-83d9-43db-8c89-0995698ca0ca?source=api-prod","cve":"CVE-2023-39998","affectedVersions":"<=27.1.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/6eb8756b-7c0f-4bc9-9e24-07598efa9eee/betheme","title":"Betheme <= 28.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-08-05 15:36:42","sources":[{"name":"Wordfence","remoteId":"6eb8756b-7c0f-4bc9-9e24-07598efa9eee"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6eb8756b-7c0f-4bc9-9e24-07598efa9eee?source=api-prod","cve":"CVE-2025-7399","affectedVersions":"<=28.1.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/722c04c3-8f74-4081-b3a4-cb1ae2027312/betheme","title":"Betheme <= 28.4 - Authenticated (Author+) Arbitrary File Upload to Remote Code Execution via Icon Pack Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 22:35:37","sources":[{"name":"Wordfence","remoteId":"722c04c3-8f74-4081-b3a4-cb1ae2027312"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/722c04c3-8f74-4081-b3a4-cb1ae2027312?source=api-prod","cve":"CVE-2026-6261","affectedVersions":"<=28.4","severity":"high"},{"advisoryId":"WPSECADV/WF/72bdc81e-1a9d-4dd8-93a5-fb1026d6a2d9/betheme","title":"Betheme <= 27.1.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"72bdc81e-1a9d-4dd8-93a5-fb1026d6a2d9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/72bdc81e-1a9d-4dd8-93a5-fb1026d6a2d9?source=api-prod","cve":"CVE-2023-47770","affectedVersions":"<=27.1.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/7a0a281d-840f-488f-b9ef-c0df8514b47c/betheme","title":"Betheme <= 28.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-15 19:05:04","sources":[{"name":"Wordfence","remoteId":"7a0a281d-840f-488f-b9ef-c0df8514b47c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7a0a281d-840f-488f-b9ef-c0df8514b47c?source=api-prod","cve":"CVE-2025-3077","affectedVersions":"<=28.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/7e1d4080-cd8a-455a-85f4-87f195ebe4a2/betheme","title":"Betheme <= 26.6.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"7e1d4080-cd8a-455a-85f4-87f195ebe4a2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7e1d4080-cd8a-455a-85f4-87f195ebe4a2?source=api-prod","cve":"CVE-2022-45363","affectedVersions":"<=26.6.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/8ff3b35c-f7e3-4cae-b7f1-1a0930173ac5/betheme","title":"Betheme <= 26.6.2 - Missing Authorization to Post Title Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"8ff3b35c-f7e3-4cae-b7f1-1a0930173ac5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8ff3b35c-f7e3-4cae-b7f1-1a0930173ac5?source=api-prod","cve":"CVE-2022-45349","affectedVersions":"<=26.6.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/a7c31409-c84a-4197-b08c-b70df5e66a80/betheme","title":"Betheme <= 27.5.6 - Authenticated (Contributor+) PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-29 16:01:16","sources":[{"name":"Wordfence","remoteId":"a7c31409-c84a-4197-b08c-b70df5e66a80"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a7c31409-c84a-4197-b08c-b70df5e66a80?source=api-prod","cve":"CVE-2024-2694","affectedVersions":"<=27.5.6","severity":"high"},{"advisoryId":"WPSECADV/WF/aa657530-7c85-4399-94bb-feaa7d21a47a/betheme","title":"Betheme <= 26.6.2 - Missing Authorization to Post Status Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"aa657530-7c85-4399-94bb-feaa7d21a47a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/aa657530-7c85-4399-94bb-feaa7d21a47a?source=api-prod","cve":"CVE-2022-45351","affectedVersions":"<=26.6.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/b8eec2f0-1b6f-45cf-8291-019bc1d08f9b/betheme","title":"Betheme <= 26.6.2 - Missing Authorization Check on Core Functionality\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"b8eec2f0-1b6f-45cf-8291-019bc1d08f9b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b8eec2f0-1b6f-45cf-8291-019bc1d08f9b?source=api-prod","cve":"CVE-2022-45356","affectedVersions":"<=26.6.1","severity":"high"},{"advisoryId":"WPSECADV/WF/c14b948f-129d-4223-b3ee-0bef1f9fc703/betheme","title":"Betheme <= 26.7.5 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"c14b948f-129d-4223-b3ee-0bef1f9fc703"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c14b948f-129d-4223-b3ee-0bef1f9fc703?source=api-prod","cve":"CVE-2023-29101","affectedVersions":"<=26.7.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/dc54b1c2-88fc-4b9b-901d-57bbc079c616/betheme","title":"Betheme <= 28.2 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"dc54b1c2-88fc-4b9b-901d-57bbc079c616"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/dc54b1c2-88fc-4b9b-901d-57bbc079c616?source=api-prod","cve":"CVE-2025-63075","affectedVersions":"<=28.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/f5e984d5-2537-4a4a-a071-084e0c1c3b5e/betheme","title":"Betheme <= 26.5.1.4 - Authenticated (Subscriber+) PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"f5e984d5-2537-4a4a-a071-084e0c1c3b5e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f5e984d5-2537-4a4a-a071-084e0c1c3b5e?source=api-prod","cve":"CVE-2022-3861","affectedVersions":"<=26.5.1.4","severity":"high"},{"advisoryId":"WPSECADV/WF/f8068fb3-5a19-4b17-848b-32cebfff2537/betheme","title":"Betheme <= 26.6.2 - Missing Authorization Checks to Private Page/Post Data Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"f8068fb3-5a19-4b17-848b-32cebfff2537"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f8068fb3-5a19-4b17-848b-32cebfff2537?source=api-prod","cve":"CVE-2022-45353","affectedVersions":"<=26.6.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/f9da9d45-39e2-4b07-baed-1f7d7f67602e/betheme","title":"Betheme <= 28.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'page_title'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"f9da9d45-39e2-4b07-baed-1f7d7f67602e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f9da9d45-39e2-4b07-baed-1f7d7f67602e?source=api-prod","cve":"CVE-2025-9371","affectedVersions":"<=28.1.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/fe00b89f-b475-4aec-8df8-89d842d92e4f/betheme","title":"Betheme <= 26.5.1.4 - Authenticated (Subscriber+) PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"fe00b89f-b475-4aec-8df8-89d842d92e4f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fe00b89f-b475-4aec-8df8-89d842d92e4f?source=api-prod","cve":"CVE-2022-45077","affectedVersions":"<=26.5.1.4","severity":"high"}] \ No newline at end of file