Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Repute InfoSystems — Vulnerabilities & Security Advisories 23

Browse all 23 CVE security advisories affecting Repute InfoSystems. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Repute InfoSystems develops enterprise software solutions primarily focused on document management and workflow automation. An analysis of its public vulnerability history reveals a pattern of critical security flaws, with twenty-three CVEs currently on record. These incidents predominantly involve remote code execution and cross-site scripting, indicating systemic weaknesses in input validation and server-side processing. Additionally, several entries highlight privilege escalation vulnerabilities, allowing unauthorized users to gain administrative access. The high volume of disclosed issues suggests a lack of rigorous security testing during the development lifecycle. While specific major data breaches linked directly to these CVEs are not widely publicized in mainstream reports, the consistent recurrence of remote execution flaws poses a significant risk to organizations relying on its platform. This profile underscores the necessity for immediate patching and enhanced code review processes to mitigate ongoing exposure to common web application attacks.

Top products by Repute InfoSystems: ARMember ARForms Form Builder BookingPress BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup ARMember (free) ARMember Premium
CVE IDTitleCVSSSeverityPublished
CVE-2022-47425 WordPress ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 3.4.10 - Broken Access Control — ARMemberCWE-862 4.3 Medium2025-12-09
CVE-2023-39994 WordPress ARMember Premium plugin <= 5.9.2 - Broken Access Control — ARMember PremiumCWE-862 4.3 Medium2025-01-02
CVE-2022-47424 WordPress ARMember plugin <= 4.0.5 - Cross Site Request Forgery (CSRF) — ARMemberCWE-352 5.4 Medium2024-11-19
CVE-2024-37920 WordPress ARForms Form Builder plugin <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability — ARForms Form BuilderCWE-79 7.1 High2024-07-20
CVE-2024-34799 WordPress BookingPress plugin <= 1.0.82 - Appointment Duration Manipulation vulnerability — BookingPressCWE-862 6.5 Medium2024-06-11
CVE-2023-47837 WordPress ARMember plugin <= 4.0.10 - Membership Plan Bypass vulnerability — ARMemberCWE-269 8.3 High2024-06-04
CVE-2023-51356 WordPress ARMember plugin <= 4.0.10 - Privilege Escalation vulnerability — ARMemberCWE-269 8.8 High2024-05-17
CVE-2024-31270 WordPress ARForms Form Builder plugin <= 1.6.1 - Broken Access Control vulnerability — ARForms Form BuilderCWE-862 7.6 High2024-05-08
CVE-2023-51405 WordPress BookingPress plugin <= 1.0.74 - Booking Price Manipulation vulnerability — BookingPressCWE-287 8.2 High2024-04-24
CVE-2024-32948 WordPress ARMember – Membership Plugin plugin <= 4.0.28 - Broken Access Control vulnerability — ARMemberCWE-862 9.1 Critical2024-04-24
CVE-2024-31272 WordPress ARForms Form Builder plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerability — ARForms Form BuilderCWE-352 6.3 Medium2024-04-12
CVE-2024-31296 WordPress BookingPress plugin <= 1.0.81 - Insecure Direct Object References (IDOR) vulnerability — BookingPressCWE-639 4.3 Medium2024-04-07
CVE-2024-30222 WordPress ARMember plugin <= 4.0.26 - PHP Object Injection vulnerability — ARMemberCWE-502 8.5 High2024-03-28
CVE-2024-30223 WordPress ARMember plugin <= 4.0.26 - Unauthenticated PHP Object Injection vulnerability — ARMemberCWE-502 9.0 Critical2024-03-28
CVE-2024-27995 WordPress ARMember plugin <= 4.0.23 - Cross Site Scripting (XSS) vulnerability — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signupCWE-79 5.9 Medium2024-03-21
CVE-2023-52200 WordPress ARMember Plugin <= 4.0.22 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signupCWE-352 9.6 Critical2024-01-08
CVE-2023-50841 WordPress BookingPress Plugin <= 1.0.72 is vulnerable to SQL Injection — BookingPress – Appointment Booking Calendar Plugin and Online Scheduling PluginCWE-89 8.5 High2023-12-28
CVE-2023-36507 WordPress BookingPress Plugin <= 1.0.64 is vulnerable to Sensitive Data Exposure — BookingPress – Appointment Booking Calendar Plugin and Online Scheduling PluginCWE-200 5.3 Medium2023-11-30
CVE-2022-46808 WordPress ARMember Plugin <= 3.4.11 is vulnerable to SQL Injection — ARMemberCWE-89 8.2 High2023-11-03
CVE-2022-47421 WordPress ARMember (free) and ARMember (premium) plugins - vulnerable to Auth. Stored Cross Site Scripting (XSS) — ARMember (free)CWE-79 5.9 Medium2023-07-18
CVE-2023-33323 WordPress ARMember Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS) — ARMemberCWE-79 5.9 Medium2023-06-22
CVE-2022-47140 WordPress ARMember Plugin <= 4.0.1 is vulnerable to Cross Site Scripting (XSS) — ARMemberCWE-79 7.1 High2023-06-12
CVE-2022-45838 WordPress ARForms Form Builder Plugin <= 1.5.5 is vulnerable to Cross Site Scripting (XSS) — ARForms Form BuilderCWE-79 6.1 Medium2023-04-18

This page lists every published CVE security advisory associated with Repute InfoSystems. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.