xnau 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は vendor risk csrf、vendor risk sql injection, and vendor risk cross-site scripting に関連することが多く、vendor surface production workloads and vendor surface software deployment の文脈で vendor impact data exposure and vendor impact session compromise などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-48751 | Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database allows Accessing Functionality Not Properly Constrained by ACLs, Cross Site Request Forgery.This issue affects Participants Database: from n/a through 2.5.5. | [email protected] | 4.3 | 0.06% | 2023-12-19 | 2026-04-28 |
| CVE-2023-31235 | Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database plugin <= 2.4.9 versions. | [email protected] | 5.4 | 0.09% | 2023-11-09 | 2026-04-28 |
| CVE-2022-47612 | Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database plugin <= 2.4.5 leads to list column update. | [email protected] | 4.3 | 0.07% | 2023-02-28 | 2024-11-21 |
| CVE-2020-8596 | participants-database.php in the Participants Database plugin 1.9.5.5 and previous versions for WordPress has a time-based SQL injection vulnerability via the ascdesc, list_filter_count, or sortBy parameters. It is possible to exfiltrate data and potentially execute code (if certain conditions are met). | [email protected] | 7.5 | 1.24% | 2020-02-11 | 2024-11-21 |
| CVE-2017-14126 | The Participants Database plugin before 1.7.5.10 for WordPress has XSS. | [email protected] | 6.1 | 2.39% | 2017-09-04 | 2026-05-13 |
| CVE-2014-3961 | SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter in an "output CSV" action to pdb-signup/. | [email protected] | 7.5 | 5.93% | 2014-06-04 | 2026-05-06 |