reputeinfosystems 厂商漏洞列表 / CVE 中文分析 36

reputeinfosystems 厂商相关 36 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

Reputeinfosystems 主要提供企业级软件解决方案，其相关系统已收录 36 条 CVE。历史漏洞多集中于跨站脚本（XSS）、远程代码执行（RCE）及身份验证绕过等常见类型，反映出输入验证与权限控制方面的潜在风险。尽管部分更新已修复已知缺陷，但攻击面仍值得关注。建议用户及时应用官方补丁，并强化访问控制策略，以降低被利用的可能性，确保系统运行安全。

上位製品 reputeinfosystems: ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress ARForms ARPrice Contact Form, Survey, Quiz & Popup Form Builder – ARForms BookingPress Social Share And Social Locker ARMember ARForms Form Builder

CVEs 36

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2026-7649	ARMember <= 4.0.60 - Unauthenticated SQL Injection via 'orderby' Parameter — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signupCWE-89	7.5	High	2026-05-02
CVE-2024-13785	Contact Form, Survey, Quiz & Popup Form Builder – ARForms <= 1.7.2 - Unauthenticated Blind Arbitrary Shortcode Execution — Contact Form, Survey, Quiz & Popup Form Builder – ARFormsCWE-94	5.6	Medium	2026-03-21
CVE-2025-31911	WordPress Social Share And Social Locker plugin <= 1.4.2 - SQL Injection vulnerability — Social Share And Social LockerCWE-89	9.3	Critical	2025-04-03
CVE-2025-31902	WordPress Social Share And Social Locker Plugin <= 1.4.1 - Reflected Cross Site Scripting (XSS) vulnerability — Social Share And Social LockerCWE-79	7.1	High	2025-04-03
CVE-2025-31910	WordPress BookingPress plugin <= 1.1.28 - SQL Injection vulnerability — BookingPressCWE-89	7.6	High	2025-04-01
CVE-2025-26731	WordPress ARPrice plugin <= 4.1.3 - Cross Site Scripting (XSS) vulnerability — ARPriceCWE-79	6.5	Medium	2025-03-27
CVE-2025-24732	WordPress BookingPress Plugin <= 1.1.25 - Cross Site Scripting (XSS) vulnerability — BookingPressCWE-79	6.5	Medium	2025-01-24
CVE-2024-49655	WordPress ARPrice plugin <= 4.1.3 - Unauthenticated SQL Injection vulnerability — ARPriceCWE-89	9.3	Critical	2025-01-21
CVE-2024-49700	WordPress ARPrice plugin <= 4.1.3 - Reflected Cross Site Scripting (XSS) vulnerability — ARPriceCWE-79	7.1	High	2025-01-21
CVE-2024-49688	WordPress ARPrice plugin <= 4.1.3 - Unauthenticated PHP Object Injection vulnerability — ARPriceCWE-502	9.8	Critical	2025-01-21
CVE-2024-49699	WordPress ARPrice plugin <= 4.1.3 - PHP Object Injection vulnerability — ARPriceCWE-502	8.8	High	2025-01-21
CVE-2024-49666	WordPress ARPrice plugin <= 4.1.3 - SQL Injection vulnerability — ARPriceCWE-89	8.5	High	2025-01-21
CVE-2024-11726	Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.21 - Authenticated (Contributor+) SQL Injection — Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPressCWE-89	6.5	Medium	2024-12-24
CVE-2024-54217	WordPress ARForms plugin <= 6.4.1 - Subscriber+ Plugin Settings Change vulnerability — ARFormsCWE-862	5.4	Medium	2024-12-09
CVE-2024-54223	WordPress ARForms plugin <= 1.7.1 - HTML Injection vulnerability — ARForms Form BuilderCWE-80	5.3	Medium	2024-12-09
CVE-2024-54216	WordPress ARForms plugin <= 6.4.1 - Subscriber+ Arbitrary File Read vulnerability — ARFormsCWE-35	7.7	High	2024-12-06
CVE-2024-10681	ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.51 - Authenticated (Subscriber+) Arbitrary Shortcode Execution — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signupCWE-94	6.3	Medium	2024-12-06
CVE-2024-10540	Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.16 - Authenticated (Subscriber+) SQL Injection — Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPressCWE-89	5.3	Medium	2024-11-02
CVE-2024-7703	ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.37 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File Upload — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signupCWE-79	6.4	Medium	2024-08-17
CVE-2024-7350	Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress 1.1.6 - 1.1.7 - Authentication Bypass to Account Takeover — Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPressCWE-288	9.8	Critical	2024-08-08
CVE-2024-6467	BookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation — Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPressCWE-73	8.8	High	2024-07-17
CVE-2024-6660	BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload — Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPressCWE-280	8.8	High	2024-07-17
CVE-2024-32703	WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary File Deletion vulnerability — ARFormsCWE-22	7.7	High	2024-06-09
CVE-2024-32704	WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary WordPress Options Removal vulnerability — ARFormsCWE-862	7.1	High	2024-06-09
CVE-2024-32705	WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary Plugin Activation/Deactivation Vulnerability — ARFormsCWE-862	7.1	High	2024-06-09
CVE-2024-4133	ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.30 - Open Redirect — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signupCWE-601	6.1	Medium	2024-05-02
CVE-2024-1945	ARForms Form Builder <= 1.6.4 - Missing Authorization to Authenticated(Subscriber+) Arbitrary Option Deletion — Contact Form, Survey, Quiz & Popup Form Builder – ARFormsCWE-862	7.1	High	2024-05-02
CVE-2024-32702	WordPress ARForms plugin <= 6.4 - Reflected Cross Site Scripting (XSS) vulnerability — ARFormsCWE-79	7.1	High	2024-04-24
CVE-2024-32706	WordPress ARForms plugin <= 6.4 - Subscriber+ SQL Injection vulnerability — ARFormsCWE-89	8.5	High	2024-04-24
CVE-2024-3022	BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.0.87 - Authenticated (Admin+) Arbitrary File Upload — Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPressCWE-434	7.2	High	2024-04-04

本页汇总了 reputeinfosystems 厂商截至目前公开的全部 36 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

reputeinfosystems 厂商漏洞列表 / CVE 中文分析 36

目標達成すべての支援者に感謝 — 100%達成しました！