Participants Database

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > Participants Database

Information

Software Type	Plugin
Software Slug	participants-database (view on wordpress.org)
Software Status	Active
Software Author	xnau
Software Website	xnau.com
Software Downloads	1,153,686
Software Active Installs	10,000
Software Record Last Updated	October 4, 2023

7 vulnerabilities

Participants Database <= 2.4.9 - Authenticated(Administrator+) Stored Cross-Site Scripting via plugin settings

4.4

CVE ID Unknown

May 3, 2023

Researchers:

Participants Database <= 2.4.9 - Cross-Site Request Forgery via _process_general

5.4

CVE-2023-31235

May 3, 2023

Researcher: Skalucy

Participants Database <= 2.4.5 - Cross Site Request Forgery

4.3

CVE-2022-47612

Jan 20, 2023

Researcher: rezaduty

Participants Database <= 2.4.5 - Cross Site Request Forgery

4.3

CVE-2022-47612

Jan 20, 2023

Researcher: rezaduty

Participants Database <= 1.9.5.5 - SQL Injection

7.5

CVE-2020-8596

Feb 10, 2020

Researcher: Teacish

Participants Database <= 1.7.5.9 - Unauthorized Cross-Site Scripting

6.1

CVE-2017-14126

Sep 6, 2017

Researcher: Benjamin Lim

Participants Database < 1.5.4.9 - SQL Injection

9.8

CVE-2014-3961

Jun 2, 2014

Researcher: Yarubo Research Team

Title	CVE ID	CVSS	Researchers	Date
Participants Database <= 2.4.9 - Authenticated(Administrator+) Stored Cross-Site Scripting via plugin settings		4.4		May 3, 2023
Participants Database <= 2.4.9 - Cross-Site Request Forgery via _process_general	CVE-2023-31235	5.4	Skalucy	May 3, 2023
Participants Database <= 2.4.5 - Cross Site Request Forgery	CVE-2022-47612	4.3	rezaduty	January 20, 2023
Participants Database <= 2.4.5 - Cross Site Request Forgery	CVE-2022-47612	4.3	rezaduty	January 20, 2023
Participants Database <= 1.9.5.5 - SQL Injection	CVE-2020-8596	7.5	Teacish	February 10, 2020
Participants Database <= 1.7.5.9 - Unauthorized Cross-Site Scripting	CVE-2017-14126	6.1	Benjamin Lim	September 6, 2017
Participants Database < 1.5.4.9 - SQL Injection	CVE-2014-3961	9.8	Yarubo Research Team	June 2, 2014

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation