22 matches found
EUVD-2025-209483
Cross-Site Request Forgery CSRF vulnerability in DeluxeThemes Userpro allows Cross Site Request Forgery.This issue affects Userpro: from n/a before 5.1.11...
CVE-2025-53444 WordPress Userpro plugin < 5.1.11 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in DeluxeThemes Userpro userpro allows Cross Site Request Forgery.This issue affects Userpro: from n/a through 5.1.11...
EUVD-2025-205185
Missing Authorization vulnerability in DeluxeThemes Userpro userpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Userpro: from n/a through = 5.1.9...
CVE-2025-68608 WordPress Userpro plugin <= 5.1.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in DeluxeThemes Userpro userpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Userpro: from n/a through = 5.1.9...
EUVD-2024-53008
Malicious code in bioql PyPI...
EUVD-2024-53010
Malicious code in bioql PyPI...
EUVD-2024-53012
Malicious code in bioql PyPI...
CVE-2024-56210
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DeluxeThemes Userpro userpro allows Reflected XSS.This issue affects Userpro: from n/a through = 5.1.9...
CVE-2024-56214
Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro userpro allows Path Traversal.This issue affects Userpro: from n/a through = 5.1.9...
CVE-2024-56212
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.9...
CVE-2024-56210
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DeluxeThemes Userpro allows Reflected XSS.This issue affects Userpro: from n/a through 5.1.9...
CVE-2024-56210
CVE-2024-56210 is a reported Reflected Cross‑Site Scripting (XSS) vulnerability in the WordPress plugin UserPro . The connected Red Hat entry mirrors the description: it is an improper neutralization of input in web page generation that enables Reflected XSS, affecting UserPro versions up to 5.1....
CVE-2024-56211
Missing Authorization vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.9...
CVE-2024-56212
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.9...
CVE-2024-56211
Missing Authorization vulnerability in DeluxeThemes Userpro.This issue affects Userpro: from n/a through 5.1.9...
CVE-2024-56214
Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro allows Path Traversal.This issue affects Userpro: from n/a through 5.1.9...
CVE-2024-56212 WordPress UserPro plugin <= 5.1.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in DeluxeThemes Userpro.This issue affects Userpro: from n/a through 5.1.9...
CVE-2024-56212
CVE-2024-56212 affects the WordPress UserPro plugin (DeluxeThemes Userpro) up to version 5.1.9. Root cause: improper neutralization of special elements in SQL commands, creating a SQL injection in the plugin’s handling of user input. Impact is high (CVE metrics: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:...
CVE-2024-56211 WordPress UserPro plugin <= 5.1.9 - Authenticated Arbitrary User Meta Update vulnerability
Missing Authorization vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.9...
CVE-2024-56214 WordPress UserPro plugin <= 5.1.9 - Local File Inclusion vulnerability
Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro userpro allows Path Traversal.This issue affects Userpro: from n/a through = 5.1.9...