Participants Database

Vulnerabilities 12Slug participants-databaseLatest version 2.7.8.3WordPress.org →

Minimum safe version

2.7.7

Update to 2.7.7 or later to address 12 fixable vulnerabilities

Latest available2.7.8.3 ✓

Medium 6.5

2025-09-22< 2.7.7

CVE-2025-58008

CVE Patchstack Wordfence EUVD

Critical 9.8

2024-08-13< 2.5.9.3

CVE-2024-43141

CVE Patchstack Wordfence

Medium 4.3

2023-12-18< 2.5.6

CVE-2023-48751

CVE Patchstack WPScan

N/A

2023-11-27< 2.5.6

Participants Database <= 2.5.5 - Missing Authorization

Wordfence

Medium 5.4

2023-11-09< 2.5.0

CVE-2023-31235

CVE Patchstack Wordfence

N/A

2023-05-03< 2.5

Participants Database <= 2.4.9 - Authenticated(Administrator+) Stored Cross-Site Scripting via plugin settings

Wordfence

Medium 4.3

2023-02-28< 2.4.6

CVE-2022-47612

CVE Patchstack Wordfence Wordfence

N/A

2017-08-25< 1.7.5.4

WordPress Participants Database plugin <= 1.7.5.3 - Cross-Site Request Forgery (CSRF)/Authenticated Arbitrary File Upload Vulnerabilities

Patchstack

N/A

2020-02-10< 1.9.5.6

WordPress Participants Database plugin <= 1.9.5.5 - Authenticated Time Based SQL Injection (SQLi) injection

Patchstack

N/A

2014-06-04< 1.5.4.9

CVE-2014-3961

CVE Patchstack Wordfence WPScan

Medium 6.1

2017-09-06< 1.7.5.10

WordPress Participants Database plugin <=1.7.5.9 - Cross-Site Scripting (XSS) vulnerability

Patchstack Wordfence CVE WPScan

High 7.5

2020-02-11< 1.9.5.6

WordPress Participants Database plugin <= 1.9.5.5 - Authenticated Time Based SQL Injection (SQLi) vulnerability

Patchstack CVE Wordfence WPScan