Metagauss Security Vulnerabilities (CVEs)

Track 32 security vulnerabilities affecting Metagauss products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

4 Critical

16 High

12 Medium

Sort by:

🔔 Get Alerts for Metagauss

CVE-2017-20208 9.8

This vulnerability allows unauthenticated attackers to execute arbitrary PHP code on WordPress sites using vulnerable versions of the RegistrationMagi...

Oct 18, 2025

CVE-2024-9390 4.8

This vulnerability allows high-privilege WordPress users (like administrators) to inject malicious scripts into the RegistrationMagic plugin settings,...

May 15, 2025

CVE-2024-4665 6.4

The EventPrime WordPress plugin before version 3.5.0 has an authorization bypass vulnerability that allows authenticated users to modify or cancel boo...

May 15, 2025

CVE-2025-0724 8.8

The ProfileGrid WordPress plugin is vulnerable to PHP object injection via deserialization of untrusted input, allowing authenticated attackers with S...

Mar 22, 2025

CVE-2025-1408 4.3

This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to approve or decline group join requests, which should...

Mar 22, 2025

CVE-2025-24686 7.1

This reflected cross-site scripting (XSS) vulnerability in the RegistrationMagic WordPress plugin allows attackers to inject malicious scripts into we...

Jan 31, 2025

CVE-2023-49831 7.5

This CVE describes a Missing Authorization vulnerability in the RegistrationMagic WordPress plugin that allows attackers to bypass access controls. It...

Dec 9, 2024

CVE-2024-10900 6.5

The ProfileGrid WordPress plugin has an authorization vulnerability that allows authenticated users (even with low-privilege subscriber accounts) to d...

Nov 20, 2024

CVE-2024-10508 9.8

This vulnerability allows unauthenticated attackers to reset passwords of any WordPress user, including administrators, by exploiting improper token v...

Nov 9, 2024

CVE-2024-9864 6.1

This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress websites using the EventPrime plugin. When front-end us...

Oct 24, 2024

CVE-2024-9829 6.5

The Download Plugin for WordPress has missing capability checks that allow authenticated attackers with Subscriber-level access or higher to download ...

Oct 23, 2024

CVE-2024-49273 4.3

ProfileGrid WordPress plugin versions up to 5.9.3 have a missing authorization vulnerability that allows attackers to perform unauthorized actions. Th...

Oct 21, 2024

CVE-2024-8369 5.3

The EventPrime WordPress plugin has an authorization bypass vulnerability that allows unauthenticated attackers to view private or password-protected ...

Sep 10, 2024

CVE-2024-43317 4.3

This vulnerability allows attackers to inject malicious scripts into web pages generated by the RegistrationMagic WordPress plugin. When users view af...

Aug 19, 2024

CVE-2024-6411 8.8

The ProfileGrid WordPress plugin has a privilege escalation vulnerability that allows authenticated users with Subscriber-level access or higher to el...

Jul 10, 2024

CVE-2023-52117 4.3

This CVE describes a Missing Authorization (Broken Access Control) vulnerability in the ProfileGrid WordPress plugin. It allows unauthorized users to ...

Jun 12, 2024

CVE-2024-31275 8.2

This CVE describes a Missing Authorization vulnerability in the EventPrime WordPress plugin that allows attackers to manipulate booking prices without...

Jun 9, 2024

CVE-2024-5453 4.3

The ProfileGrid WordPress plugin has a missing capability check vulnerability that allows authenticated users with Subscriber-level access or higher t...

Jun 5, 2024

CVE-2023-51544 5.3

This vulnerability in the RegistrationMagic WordPress plugin allows attackers to bypass form submission limits, enabling functionality misuse. It affe...

Jun 4, 2024

CVE-2023-23976 7.5

This vulnerability in the RegistrationMagic WordPress plugin allows attackers to bypass access controls and modify arbitrary prices in forms. It affec...

Apr 24, 2024

CVE-2024-1990 8.8

This vulnerability allows authenticated attackers with contributor-level access or higher to perform blind SQL injection attacks via the 'id' paramete...

Apr 9, 2024

CVE-2024-30241 8.5

This SQL injection vulnerability in the ProfileGrid WordPress plugin allows attackers with contributor-level access to execute arbitrary SQL commands ...

Mar 28, 2024

CVE-2024-29113 7.1

This vulnerability allows attackers to inject malicious scripts into web pages generated by the RegistrationMagic WordPress plugin. When users visit a...

Mar 19, 2024

CVE-2023-51509 7.1

This vulnerability allows attackers to inject malicious scripts into web pages generated by the RegistrationMagic WordPress plugin. When users visit a...

Feb 1, 2024

CVE-2023-50846 7.6

This SQL injection vulnerability in the RegistrationMagic WordPress plugin allows attackers to execute arbitrary SQL commands through specially crafte...

Dec 28, 2023

CVE-2023-45637 7.1

Unauthenticated reflected cross-site scripting (XSS) vulnerability in EventPrime WordPress plugin allows attackers to inject malicious scripts via cra...

Oct 25, 2023

CVE-2023-3713 8.8

The ProfileGrid WordPress plugin up to version 5.5.1 has a missing capability check that allows authenticated users with subscriber-level permissions ...

Jul 18, 2023

CVE-2023-33326 7.1

This vulnerability allows unauthenticated attackers to inject malicious scripts into EventPrime WordPress plugin pages through reflected cross-site sc...

May 28, 2023

CVE-2023-2499 9.8

This vulnerability allows unauthenticated attackers to bypass authentication in WordPress sites using the RegistrationMagic plugin. By exploiting insu...

May 16, 2023

CVE-2023-0940 8.8

The ProfileGrid WordPress plugin before version 5.3.1 contains an authorization bypass vulnerability in its password reset functionality. This allows ...

Mar 20, 2023

CVE-2021-24862 7.2

This CVE describes a SQL injection vulnerability in the RegistrationMagic WordPress plugin versions before 5.0.1.6. The vulnerability allows attackers...

Jan 10, 2022

CVE-2021-4073 9.8

CVE-2021-4073 is an authentication bypass vulnerability in the RegistrationMagic WordPress plugin that allows unauthenticated attackers to log in as a...

Dec 14, 2021

Why Monitor Metagauss Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 32+ known vulnerabilities affecting Metagauss products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Metagauss packages in under 60 seconds. No agents required - completely agentless scanning that works across Metagauss deployments.

Free vulnerability database: Access detailed information about every Metagauss CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Metagauss CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Metagauss CVEs Free