Wpindeed

wpindeed

5 CVEs • 3 products

Products (3)

Click to collapse

Toggle

Debug Assistant

debug_assistant

Ultimate Membership Pro

ultimate_membership_pro

Ultimate Learning Pro

ultimate_learning_pro

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-13846 1Wpindeed 1Ultimate Learning Pro Feb 25, 2025 Feb 21, 2025 N/A· v4 4.9 MEDIUM· v3 N/A· v2 The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘post_id’ parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied para...Show more The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘post_id’ parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.Show less
CVE-2024-43242 1Wpindeed 1Ultimate Membership Pro Apr 29, 2026 Aug 19, 2024 N/A· v4 10.0 CRITICAL· v3 N/A· v2 Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro.This issue affects Ultimate Membership Pro: from n/a through <= 12.7.
CVE-2024-43240 1Wpindeed 1Ultimate Membership Pro Apr 23, 2026 Aug 19, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper Authentication vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro.This issue affects Ultimate Membership Pro: from n/a through <= 12.7.
CVE-2023-26516 1Wpindeed 1Debug Assistant Nov 21, 2024 Nov 13, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in WPIndeed Debug Assistant plugin <= 1.4 versions.
CVE-2023-26527 1Wpindeed 1Debug Assistant Nov 21, 2024 Jun 16, 2023 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPIndeed Debug Assistant plugin <= 1.4 versions.