Shodan
Vulnerabilities
Vulnerable Software
Reputeinfosystems:  Security Vulnerabilities
CVE-2024-4620
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form
CVSS Score
9.8
EPSS Score
0.625
Published
2024-06-07
CVE-2024-4621
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVSS Score
4.8
EPSS Score
0.001
Published
2024-06-07
CVE-2023-47837
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
CVSS Score
8.3
EPSS Score
0.002
Published
2024-06-04
CVE-2023-51356
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-05-17
CVE-2023-51405
Improper Authentication vulnerability in Repute Infosystems BookingPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BookingPress: from n/a through 1.0.74.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-04-24
CVE-2024-32948
Missing Authorization vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.28.
CVSS Score
9.1
EPSS Score
0.001
Published
2024-04-24
CVE-2024-31296
Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.81.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-04-07
CVE-2024-3022
The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpress_process_upload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to upload arbitrary files on the affected site's server, enabling remote code execution.
CVSS Score
7.2
EPSS Score
0.069
Published
2024-04-04
CVE-2024-30223
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26.
CVSS Score
9.0
EPSS Score
0.008
Published
2024-03-28
CVE-2024-30222
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26.
CVSS Score
8.5
EPSS Score
0.008
Published
2024-03-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved