Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

metagauss — Vulnerabilities & Security Advisories 101

Browse all 101 CVE security advisories affecting metagauss. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Metagauss operates as a cybersecurity firm specializing in automated penetration testing and vulnerability assessment services. Its primary offering involves scanning enterprise networks to identify security weaknesses, providing clients with actionable reports on potential entry points. Historically, the company’s infrastructure and associated platforms have been linked to a significant number of Common Vulnerabilities and Exposures, totaling 101 recorded CVEs. These vulnerabilities predominantly stem from common web application flaws, including remote code execution, cross-site scripting, and improper access control mechanisms. While specific major public incidents involving data breaches directly attributed to Metagauss are not widely documented in mainstream news, the high volume of CVEs suggests systemic issues in their software development lifecycle or third-party dependencies. Security researchers often highlight these findings as cautionary examples of how automated security tools themselves can become attack vectors if not rigorously maintained and patched against known exploit patterns.

Top products by metagauss: ProfileGrid ProfileGrid – User Profiles, Groups and Communities EventPrime – Events Calendar, Bookings and Tickets RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login EventPrime Download Plugin Download Theme Event Kikfyre
CVE IDTitleCVSSSeverityPublished
CVE-2024-31275 WordPress EventPrime plugin <= 3.3.4 - Booking Price Manipulation vulnerability — EventPrimeCWE-862 8.2 High2024-06-09
CVE-2024-5453 ProfileGrid <= 5.8.6 - Missing Authorization — ProfileGrid – User Profiles, Groups and CommunitiesCWE-862 4.3 Medium2024-06-05
CVE-2023-51544 WordPress RegistrationMagic plugin <= 5.2.5.0 - Form Submission Limit Bypass vulnerability — RegistrationMagicCWE-799 5.3 Medium2024-06-04
CVE-2023-51543 WordPress RegistrationMagic plugin <= 5.2.5.0 - IP Limit Bypass vulnerability — RegistrationMagicCWE-290 5.3 Medium2024-06-04
CVE-2024-32774 WordPress ProfileGrid plugin <= 5.8.2 - Group Members Limit Bypass vulnerability — ProfileGridCWE-307 4.3 Medium2024-05-17
CVE-2023-33321 WordPress EventPrime plugin <= 2.8.6 - Sensitive Data Exposure — EventPrimeCWE-862 5.3 Medium2024-05-17
CVE-2024-33947 WordPress RegistrationMagic plugin <= 5.3.2.0 - Cross Site Scripting (XSS) vulnerability — RegistrationMagicCWE-79 7.1 High2024-05-03
CVE-2024-3606 ProfileGrid – User Profiles, Memberships, Groups and Communities <= 5.8.3 - Missing Authorization — ProfileGrid – User Profiles, Groups and CommunitiesCWE-862 4.3 Medium2024-05-02
CVE-2023-23989 WordPress RegistrationMagic plugin <= 5.1.9.2 - Content Injection — RegistrationMagicCWE-79 5.3 Medium2024-04-24
CVE-2023-23976 WordPress RegistrationMagic plugin <= 5.1.9.2 - Arbitrary Price Change — RegistrationMagicCWE-276 7.5 High2024-04-24
CVE-2024-32772 WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object References (IDOR) vulnerability — ProfileGridCWE-639 4.3 Medium2024-04-24
CVE-2024-32808 WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object Reference (IDOR) vulnerability — ProfileGridCWE-639 5.4 Medium2024-04-24
CVE-2024-31362 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerability — ProfileGridCWE-352 4.3 Medium2024-04-12
CVE-2024-1991 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.0.0 - Authenticated (Subscriber+) Privilege Escalation — RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User LoginCWE-862 8.8 High2024-04-09
CVE-2024-1990 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.1.0 - Authenticated (Contributor+) SQL Injection via Shortcode — RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User LoginCWE-89 8.8 High2024-04-09
CVE-2024-31291 WordPress ProfileGrid plugin <= 5.7.6 - IDOR on Friend Request vulnerability — ProfileGridCWE-639 4.3 Medium2024-04-07
CVE-2024-30513 WordPress ProfileGrid plugin <= 5.7.2 - Insecure Direct Object References (IDOR) vulnerability — ProfileGridCWE-639 6.5 Medium2024-03-29
CVE-2024-30491 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - SQL Injection vulnerability — ProfileGridCWE-89 8.5 High2024-03-29
CVE-2024-30490 WordPress ProfileGrid plugin <= 5.7.8 - SQL Injection vulnerability — ProfileGridCWE-89 9.3 Critical2024-03-29
CVE-2024-30241 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.1 - Contributor+ SQL Injection vulnerability — ProfileGridCWE-89 8.5 High2024-03-28
CVE-2024-29776 WordPress EventPrime plugin <= 3.3.9 - Cross Site Scripting (XSS) vulnerability — EventPrime 5.9 Medium2024-03-27
CVE-2024-2951 WordPress RegistrationMagic plugin <= 5.3.0.0 - Cross Site Request Forgery (CSRF) vulnerability — RegistrationMagicCWE-352 4.3 Medium2024-03-26
CVE-2024-24832 WordPress EventPrime plugin <= 3.3.9 - Broken Access Control vulnerability — EventPrimeCWE-862 8.2 High2024-03-23
CVE-2024-25935 WordPress RegistrationMagic plugin <= 5.2.5.9 - Broken Access Control vulnerability — RegistrationMagicCWE-862 4.3 Medium2024-03-21
CVE-2024-29113 WordPress RegistrationMagic plugin <= 5.2.5.9 - Reflected Cross Site Scripting (XSS) vulnerability — RegistrationMagicCWE-79 7.1 High2024-03-19
CVE-2024-1126 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.2 - Missing Authorization to Authenticated (Subscriber+) Attendee List Retrieval — EventPrime – Events Calendar, Bookings and TicketsCWE-862 4.3 Medium2024-03-13
CVE-2024-1321 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.2 - Unauthenticated Booking Payment Bypass — EventPrime – Events Calendar, Bookings and TicketsCWE-345 5.3 Medium2024-03-13
CVE-2024-1127 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.1 - Missing Authorization to Authenticated (Subscriber+) Event Export — EventPrime – Events Calendar, Bookings and TicketsCWE-862 4.3 Medium2024-03-13
CVE-2024-1125 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion — EventPrime – Events Calendar, Bookings and TicketsCWE-862 5.4 Medium2024-03-09
CVE-2024-1320 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.3 - Unauthenticated Stored Cross-Site Scripting — EventPrime – Events Calendar, Bookings and TicketsCWE-79 6.5 Medium2024-03-09

This page lists every published CVE security advisory associated with metagauss. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.