Profilepress Membership Team Profilepress vulnerabilities

CVE-2023-50882 [MEDIUM] CWE-862 CVE-2023-50882: Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress allows Exploiting I Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfilePress: from n/a through 4.13.2.

CVE-2023-41953 [MEDIUM] CWE-862 CVE-2023-41953: Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1.

CVE-2023-41954 [HIGH] CWE-269 CVE-2023-41954: Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Priv Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1.

CVE-2023-23820 [MEDIUM] CWE-79 CVE-2023-23820: Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <= 4.5.4 versions.

CVE-2023-23830 [MEDIUM] CWE-79 CVE-2023-23830: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePr Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <= 4.5.4 versions.

CVE-2023-23996 [MEDIUM] CWE-79 CVE-2023-23996: Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team Profi Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <= 4.5.3 versions.