reputeinfosystems 漏洞与 CVE 列表(51)

产品(CPE): — CVE 数: 51

reputeinfosystems 漏洞概览

汇总 reputeinfosystems 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。

常见弱点模式包括 CSRF、路径处理缺陷、文件包含与输入验证问题,在 软件部署与生产负载 使用场景中可能带来 文件覆盖、异常行为与未授权访问 等风险。

相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。

漏洞分布趋势(近 24 个月)

显示 12051 CVE 数
«« 第一页 « 上一页 第 1 / 3 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2022-47425 Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember: from n/a through 3.4.10. [email protected] 4.3 0.26% 2025-12-09 2026-06-17
CVE-2024-11189 The Social Share And Social Locker WordPress plugin before 1.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). [email protected] 4.8 0.25% 2025-05-15 2026-06-17
CVE-2024-10504 The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks. [email protected] 5.4 0.27% 2025-05-15 2026-06-17
CVE-2025-31910 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems BookingPress bookingpress-appointment-booking allows SQL Injection.This issue affects BookingPress: from n/a through <= 1.1.28. [email protected] 7.6 0.35% 2025-04-01 2026-06-17
CVE-2025-24732 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems BookingPress bookingpress-appointment-booking allows DOM-Based XSS.This issue affects BookingPress: from n/a through <= 1.1.25. [email protected] 6.5 0.28% 2025-01-24 2026-06-17
CVE-2023-39994 Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through 5.9.2. [email protected] 4.3 0.27% 2025-01-02 2026-06-17
CVE-2024-54223 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in reputeinfosystems ARForms Form Builder arforms-form-builder allows Code Injection.This issue affects ARForms Form Builder: from n/a through <= 1.7.1. [email protected] 5.3 0.32% 2024-12-09 2026-06-17
CVE-2024-54217 Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4.1. [email protected] 5.4 0.42% 2024-12-09 2026-06-17
CVE-2024-54216 Path Traversal: '.../...//' vulnerability in reputeinfosystems ARForms allows Path Traversal. This issue affects ARForms: from n/a before 7.0.2. [email protected] 7.7 0.53% 2024-12-06 2026-07-07
CVE-2022-47424 Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARMember, Repute InfoSystems ARMember Premium allows Cross-Site Request Forgery.This issue affects ARMember: from n/a through 4.0.5; ARMember Premium: from n/a before 6.7.1. [email protected] 5.4 0.19% 2024-11-19 2026-06-17
CVE-2024-10540 The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'service' parameter of the bookingpress_form shortcode in all versions up to, and including, 1.1.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already ex [email protected] 5.3 0.57% 2024-11-01 2026-06-17
CVE-2024-37920 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Repute InfoSystems ARForms Form Builder allows Reflected XSS.This issue affects ARForms Form Builder: from n/a through 1.6.7. [email protected] 7.1 0.28% 2024-07-20 2026-06-17
CVE-2024-6660 The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the bookingpress_import_data_continue_process_func function in all versions up to, and including, 1.1.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site and upload arbitrary f [email protected] 8.8 0.62% 2024-07-17 2026-06-17
CVE-2024-6467 The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to Arbitrary File Read to Arbitrary File Creation in all versions up to, and including, 1.1.5 via the 'bookingpress_save_lite_wizard_settings_func' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary files that contain the content of files (either on the local server or from a remote location), allowing the ex [email protected] 8.8 0.86% 2024-07-17 2026-06-17
CVE-2024-0427 The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.4.1 does not properly escape user-controlled input when it is reflected in some of its AJAX actions. [email protected] 6.3 0.36% 2024-06-12 2026-06-17
CVE-2024-34799 Missing Authorization vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.82. [email protected] 6.5 0.37% 2024-06-11 2026-06-17
CVE-2024-32705 Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4. [email protected] 7.1 0.40% 2024-06-09 2026-06-17
CVE-2024-32704 Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4. [email protected] 7.1 0.34% 2024-06-09 2026-06-17
CVE-2024-32703 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4. [email protected] 7.7 0.58% 2024-06-09 2026-06-17
CVE-2024-4621 The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) [email protected] 4.8 0.35% 2024-06-07 2026-06-17
«« 第一页 « 上一页 第 1 / 3 页 下一页 »
cvelogic Threat Intelligence