Lucene search
Krzysztof ZającPATCHSTACK:212F0B07563A32B306FD6678EC4106D7HistoryDec 27, 2021 - 12:00 a.m.
WordPress WP User Frontend plugin <= 3.5.25 - SQL Injection (SQLi) to Reflected Cross-Site Scripting (XSS)
2021-12-2700:00:00
Krzysztof Zając
patchstack.com
2
0.005 Low
EPSS
Percentile
77.2%
SQL Injection (SQLi) to Reflected Cross-Site Scripting (XSS) discovered by Krzysztof Zając in WordPress WP User Frontend plugin (versions <= 3.5.25).
Solution
Update the WordPress WP User Frontend plugin to the latest available version (at least 3.5.26).
| CPE | Name | Operator | Version |
|---|---|---|---|
| wp user frontend | le | 3.5.25 |
Related
prion
prion
Cross site scripting
2022-01-24 08:15:00
nvd
nvd
CVE-2021-25076
2022-01-24 08:15:09
zdt
zdt
cve
cve
CVE-2021-25076
2022-01-24 08:15:09
wpexploit
wpexploit
WP User Frontend < 3.5.26 - SQL Injection to Reflected Cross-Site Scripting
2021-12-27 00:00:00
githubexploit
githubexploit
Exploit for SQL Injection in Wedevs Wp User Frontend
2022-06-04 21:22:10
cnvd
cnvd
WordPress WP User Frontend plugin SQL injection vulnerability
2022-01-26 00:00:00
wpvulndb
wpvulndb
WP User Frontend < 3.5.26 - SQL Injection to Reflected Cross-Site Scripting
2021-12-27 00:00:00
cvelist
cvelist
packetstorm
packetstorm
WordPress WP User Frontend 3.5.25 SQL Injection
2022-02-21 00:00:00
exploitdb
exploitdb
WordPress Plugin WP User Frontend 3.5.25 - SQLi (Authenticated)
2022-02-21 00:00:00