3 matches found
CVE-2025-9693
The User Meta – User Profile Builder and User management plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the postInsertUserProcess function in all versions up to, and including, 3.1.2. This makes it possible for authenticated...
CVE-2025-9693
creationtimestamp| type| source ---|---|--- 2025-09-11 08:06:08+00:00| seen| https://gist.github.com/Darkcrai86/10ff6358d29176bc667ba85d9d97eb49 2025-09-11 11:12:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lykmimi2vr2u...
WordPress User Meta – User Profile Builder and User management plugin plugin <= 3.1.2 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Kishan Vyas in WordPress Plugin User Meta versions = 3.1.2...