Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ProfilePress — Vulnerabilities & Security Advisories 4

Browse all 4 CVE security advisories affecting ProfilePress. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ProfilePress is a WordPress plugin for creating user profiles and registration forms. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The plugin has accumulated four CVE records, highlighting recurring security flaws in its form handling and access control mechanisms. These vulnerabilities have allowed attackers to execute arbitrary code, steal session cookies, and elevate privileges to administrator levels. The security track record suggests consistent weaknesses in input validation and permission management, making it a target for exploitation. Users should maintain current versions and implement additional security controls to mitigate risks associated with these vulnerabilities.

Top products by ProfilePress: ProfilePress
HighCVE-2026-34452026-04-07
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <=

Showing up to 20 recent security advisories. View all →

This page lists every published CVE security advisory associated with ProfilePress. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.