2 matches found
CVE-2025-9344 UsersWP <= 1.2.42 - Authenticated (Contributor+) Stored Cross-Site Scripting
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'uwpprofile' and 'uwpprofileheader' shortcodes in all versions up to, and including, 1.2.42 due to insufficient...
WordPress UsersWP plugin <= 1.2.42 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin UsersWP versions = 1.2.42...