Reputeinfosystems

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-4620 1Reputeinfosystems 1Arforms May 1, 2025 Jun 7, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a...Show more The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a formShow less
CVE-2023-47837 1Reputeinfosystems 1Armember May 29, 2025 Jun 4, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
CVE-2023-51356 1Reputeinfosystems 1Armember May 29, 2025 May 17, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
CVE-2024-31270 1Reputeinfosystems 1Arforms Form Builder Apr 28, 2026 May 8, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 Missing Authorization vulnerability in Repute InfoSystems ARForms Form Builder.This issue affects ARForms Form Builder: from n/a through 1.6.1.
CVE-2023-51405 1Reputeinfosystems 1Bookingpress Apr 28, 2026 Apr 24, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper Authentication vulnerability in Repute Infosystems BookingPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BookingPress: from n/a through 1.0.74.
CVE-2024-32702 1Reputeinfosystems 1Arforms Apr 23, 2026 Apr 24, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4.
CVE-2024-32706 1Reputeinfosystems 1Arforms Apr 23, 2026 Apr 24, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4.
CVE-2024-32948 1Reputeinfosystems 1Armember Apr 28, 2026 Apr 24, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Missing Authorization vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.28.
CVE-2024-31272 1Reputeinfosystems 1Arforms Form Builder Apr 28, 2026 Apr 12, 2024 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARForms Form Builder.This issue affects ARForms Form Builder: from n/a through 1.6.1.
CVE-2024-31296 1Reputeinfosystems 1Bookingpress Apr 28, 2026 Apr 7, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.81.
CVE-2024-3022 1Reputeinfosystems 1Bookingpress Apr 8, 2026 Apr 4, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpress_process_upload' function in all versions up to, and including 1.0.87. This allows...Show more The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpress_process_upload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to upload arbitrary files on the affected site's server, enabling remote code execution.Show less
CVE-2024-30223 1Reputeinfosystems 1Armember Apr 28, 2026 Mar 28, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26.
CVE-2024-30222 1Reputeinfosystems 1Armember Apr 28, 2026 Mar 28, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26.
CVE-2024-27995 1Reputeinfosystems 1Armember Apr 28, 2026 Mar 21, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup allows...Show more Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup allows Stored XSS.This issue affects ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup: from n/a through 4.0.23.Show less
CVE-2024-0969 1Reputeinfosystems 1Armember Apr 8, 2026 Feb 5, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's...Show more The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's "Default Restriction" feature and view restricted post content.Show less
CVE-2023-6828 1Reputeinfosystems 1Arforms Form Builder Apr 8, 2026 Jan 11, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ arf_http_referrer_url’ parameter in all versions up to, and i...Show more The Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ arf_http_referrer_url’ parameter in all versions up to, and including, 1.5.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less
CVE-2023-52200 1Reputeinfosystems 1Armember Apr 28, 2026 Jan 8, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup.This issue affects ARM...Show more Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup.This issue affects ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup: n/a.Show less
CVE-2023-50841 1Reputeinfosystems 1Bookingpress Apr 28, 2026 Dec 28, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects...Show more Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.72.Show less
CVE-2023-36507 1Reputeinfosystems 1Bookingpress Apr 28, 2026 Nov 30, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment...Show more Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.64.Show less
CVE-2023-6219 1Reputeinfosystems 1Bookingpress Apr 8, 2026 Nov 28, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpress_process_upload' function in versions up to, and including, 1.0.76. This makes it poss...Show more The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpress_process_upload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible.Show less

Previous 123 Next