Which Community by PeepSo – Download from PeepSo.com CVEs are tracked?

Community by PeepSo – Download from PeepSo.com tracked CVEs include CVE-2016-10968, CVE-2023-25967, CVE-2024-25923, CVE-2023-47850, and CVE-2024-11447.

Where should operators start on this Plugin hub?

Start with the priority CVE quick links, then open the full report for affected versions, remediation notes, CVSS vectors, and source references.

Plugin Vulnerability Hub

Plugin 16 known issues Latest disclosed Nov 20, 2024

Community by PeepSo – Download from PeepSo.com Vulnerabilities

Q: How many Community by PeepSo – Download from PeepSo.com vulnerabilities have patch guidance?

16 of 16 tracked Community by PeepSo – Download from PeepSo.com records include a published patch path.

Review known vulnerability records for the WordPress plugin Community by PeepSo – Download from PeepSo.com (`peepso-core`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2024-11447, CVE-2024-9873 and CVE-2024-7426, so operators can jump from disclosure to patch validation without scanning the full feed first.

View on WordPress.org Back to Feed

Known Records

High or Critical

Patch Coverage

100%

Last Updated

Apr 14, 2025

Priority CVE Quick Links

Fast paths into Community by PeepSo – Download from PeepSo.com CVE reports

Start with the highest-signal CVE records for this WordPress plugin before scanning the full vulnerability feed.

Indexed CVEs

CVE-2016-10968 High 1.6.1

CVE-2016-10968 Community by PeepSo – Download from PeepSo.com Privilege Escalation

Community by PeepSo – Social Network, Membership, Registration, User Profiles < 1.6.1 - Privilege Escalation

CVE-2023-25967 High 6.0.3.0

CVE-2023-25967 Community by PeepSo – Download from PeepSo.com Cross-Site Request Forgery

Community by PeepSo <= 6.0.2.0 - Cross-Site Request Forgery leading to Plugin/Subscription Deletion

CVE-2024-25923 Medium 6.2.7.1

CVE-2024-25923 Community by PeepSo – Download from PeepSo.com Sensitive Information Exposure

Community by PeepSo <= 6.2.7.0 - Unauthenticated Sensitive Information Disclosure via Log file

CVE-2023-47850 Medium 6.2.3.0

CVE-2023-47850 Community by PeepSo – Download from PeepSo.com Stored Cross-Site Scripting

Community by PeepSo <= 6.2.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

CVE-2024-11447 Medium 7.0.4.0

CVE-2024-11447 Community by PeepSo – Download from PeepSo.com Cross-Site Scripting

Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App <=7.0.3.0 - Reflected Cross-Site Scripting

CVE-2024-0187 Medium 6.3.1.2

CVE-2024-0187 Community by PeepSo – Download from PeepSo.com Cross-Site Scripting

Community by PeepSo <= 6.3.1.1 - Reflected Cross-Site Scripting

CVE-2023-48746 Medium 6.2.7.0

CVE-2023-48746 Community by PeepSo – Download from PeepSo.com Cross-Site Scripting

Community by PeepSo <= 6.2.6.0 - Reflected Cross-Site Scripting

CVE-2024-9873 Medium 6.4.6.2

CVE-2024-9873 Community by PeepSo – Download from PeepSo.com Stored Cross-Site Scripting

Community by PeepSo <= 6.4.6.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for Community by PeepSo – Download from PeepSo.com so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility

16 records include a published patch path, leaving 0 with no listed safe release yet.

Severity Mix

0 critical and 2 high severity findings.

Recent CVEs

CVE-2024-11447, CVE-2024-9873 and CVE-2024-7426

Reference Workflow

Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.

Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

CVE-2024-11447 Medium Patch path listed

CVE-2024-11447: Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App <=7.0.3.0 - Reflected Cross-Site Scripting

The Community by PeepSo – Download from PeepSo.com plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘filter’ parameter in all versions up to, and including, 7.0.3...

Published

Nov 20, 2024

Patch Status

7.0.4.0

Open CVE-2024-11447 Report

CVE-2024-9873 Medium Patch path listed

CVE-2024-9873: Community by PeepSo <= 6.4.6.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via URLs in posts, c...

Published

Oct 15, 2024

Patch Status

6.4.6.2

Open CVE-2024-9873 Report

CVE-2024-7426 Medium Patch path listed

CVE-2024-7426: Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.6.0 - Unauthenticated Full Path Disclosure

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 6.4.6.0. Th...

Published

Sep 24, 2024

Patch Status

6.4.6.1

Open CVE-2024-7426 Report

Known Vulnerabilities

Reports for Community by PeepSo – Download from PeepSo.com

Sorted by latest disclosure date so newly published issues surface first.

Plugin Medium Patched: Yes CVE-2024-11447

CVE-2024-11447: Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App <=7.0.3.0 - Reflected Cross-Site Scripting

The Community by PeepSo – Download from PeepSo.com plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘filter’ parameter in all versions up to, and including, 7.0.3.0 due to insufficient input sanitization and output escaping. This makes it possible for...

Published

Nov 20, 2024

Patched Release

7.0.4.0

Affected Versions

Versions up to 7.0.3.0

Next Step

Update to 7.0.4.0 or newer if supported.

Open CVE-2024-11447 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2024-9873

CVE-2024-9873: Community by PeepSo <= 6.4.6.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via URLs in posts, comments, and profiles when Markdown support is enabled in all versions up to, and includin...

Published

Oct 15, 2024

Patched Release

6.4.6.2

Affected Versions

Versions up to 6.4.6.1

Next Step

Update to 6.4.6.2 or newer if supported.

Open CVE-2024-9873 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2024-7426

CVE-2024-7426: Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.6.0 - Unauthenticated Full Path Disclosure

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 6.4.6.0. This is due to the plugin displaying errors and allowing direct access to the sse.php file....

Published

Sep 24, 2024

Patched Release

6.4.6.1

Affected Versions

Versions up to 6.4.6.0

Next Step

Update to 6.4.6.1 or newer if supported.

Open CVE-2024-7426 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2024-7618

CVE-2024-7618: Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via content Parameter

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 6.4.5.0 due to insufficient input sanitization and output escaping...

Published

Sep 09, 2024

Patched Release

6.4.6.0

Affected Versions

Versions up to 6.4.5.0

Next Step

Update to 6.4.6.0 or newer if supported.

Open CVE-2024-7618 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2024-7655

CVE-2024-7655: Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for...

Published

Sep 09, 2024

Patched Release

6.4.6.0

Affected Versions

Versions up to 6.4.5.0

Next Step

Update to 6.4.6.0 or newer if supported.

Open CVE-2024-7655 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2024-25923

CVE-2024-25923: Community by PeepSo <= 6.2.7.0 - Unauthenticated Sensitive Information Disclosure via Log file

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.2.7.0. This makes it possible for unauthenticated attackers to extract sensitive data fro...

Published

Feb 14, 2024

Patched Release

6.2.7.1

Affected Versions

Versions up to 6.2.7.0

Next Step

Update to 6.2.7.1 or newer if supported.

Open CVE-2024-25923 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2023-7125

CVE-2023-7125: Community by PeepSo <= 6.3.1.1 - Cross-Site Request Forgery to User Post Creation

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.3.1.1. This is due to missing or incorrect nonce validation. This makes it possible for unaut...

Published

Jan 09, 2024

Patched Release

6.3.1.2

Affected Versions

Versions up to 6.3.1.1

Next Step

Update to 6.3.1.2 or newer if supported.

Open CVE-2023-7125 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2024-0187

CVE-2024-0187: Community by PeepSo <= 6.3.1.1 - Reflected Cross-Site Scripting

The Community by PeepSo plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 6.3.1.1. This makes it possible for unauthenticated attackers to inject arbit...

Published

Jan 09, 2024

Patched Release

6.3.1.2

Affected Versions

Versions up to 6.3.1.1

Next Step

Update to 6.3.1.2 or newer if supported.

Open CVE-2024-0187 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2023-48746

CVE-2023-48746: Community by PeepSo <= 6.2.6.0 - Reflected Cross-Site Scripting

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in all versions up to, and including, 6.2.6.0 due to insufficient input sanitization and output escaping...

Published

Nov 24, 2023

Patched Release

6.2.7.0

Affected Versions

Versions up to 6.2.6.0

Next Step

Update to 6.2.7.0 or newer if supported.

Open CVE-2023-48746 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2023-47850

CVE-2023-47850: Community by PeepSo <= 6.2.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via user avatars in all versions up to, and including, 6.2.2.0 due to insufficient input sanitization and output escaping on user su...

Published

Nov 20, 2023

Patched Release

6.2.3.0

Affected Versions

Versions up to 6.2.2.0

Next Step

Update to 6.2.3.0 or newer if supported.

Open CVE-2023-47850 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2023-39925

CVE-2023-39925: Community by PeepSo <= 6.1.6.0 - Cross-Site Request Forgery via delete

The Community by PeepSo plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.1.6.0. This is due to missing or incorrect nonce validation on the delete function. This makes it possible for unauthenticated attackers to delete PeepSo p...

Published

Nov 16, 2023

Patched Release

6.2.0.0

Affected Versions

Versions up to 6.1.6.0

Next Step

Update to 6.2.0.0 or newer if supported.

Open CVE-2023-39925 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2023-32092

CVE-2023-32092: Community by PeepSo <= 6.0.9.0 - Cross-Site Request Forgery to Field Duplication

The Community by PeepSo plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.0.9.0. This is due to missing or incorrect nonce validation on the duplicate_field() function. This makes it possible for unauthenticated attackers to dupl...

Published

May 12, 2023

Patched Release

6.1.0.0

Affected Versions

Versions up to 6.0.9.0

Next Step

Update to 6.1.0.0 or newer if supported.

Open CVE-2023-32092 Report Open CVE Reference