WordPress Private Messages for UserPro plugin <= 4.10.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Private Messages for UserPro versions = 4.10.0...

WordPress Private Messages for UserPro plugin <= 4.10.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Private Messages for UserPro versions = 4.10.0...

CVE-2024-56210

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DeluxeThemes Userpro userpro allows Reflected XSS.This issue affects Userpro: from n/a through = 5.1.9...

CVE-2024-56210

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DeluxeThemes Userpro allows Reflected XSS.This issue affects Userpro: from n/a through 5.1.9...

CVE-2024-56210 WordPress UserPro plugin <= 5.1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DeluxeThemes Userpro userpro allows Reflected XSS.This issue affects Userpro: from n/a through = 5.1.9...

CVE-2024-56210

CVE-2024-56210 is a reported Reflected Cross‑Site Scripting (XSS) vulnerability in the WordPress plugin UserPro . The connected Red Hat entry mirrors the description: it is an improper neutralization of input in web page generation that enables Reflected XSS, affecting UserPro versions up to 5.1....

CVE-2024-56210 WordPress UserPro plugin <= 5.1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DeluxeThemes Userpro userpro allows Reflected XSS.This issue affects Userpro: from n/a through = 5.1.9...

CVE-2024-56212

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.9...

CVE-2024-56211

Missing Authorization vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.9...

CVE-2024-56214

Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro userpro allows Path Traversal.This issue affects Userpro: from n/a through = 5.1.9...

CVE-2024-56214

Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro allows Path Traversal.This issue affects Userpro: from n/a through 5.1.9...

CVE-2024-56211

Missing Authorization vulnerability in DeluxeThemes Userpro.This issue affects Userpro: from n/a through 5.1.9...

CVE-2024-56212

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in DeluxeThemes Userpro.This issue affects Userpro: from n/a through 5.1.9...

CVE-2024-56212 WordPress UserPro plugin <= 5.1.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in DeluxeThemes Userpro.This issue affects Userpro: from n/a through 5.1.9...

CVE-2024-56212 WordPress UserPro plugin <= 5.1.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.9...

CVE-2024-56212

CVE-2024-56212 affects the WordPress UserPro plugin (DeluxeThemes Userpro) up to version 5.1.9. Root cause: improper neutralization of special elements in SQL commands, creating a SQL injection in the plugin’s handling of user input. Impact is high (CVE metrics: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:...

CVE-2024-56211 WordPress UserPro plugin <= 5.1.9 - Authenticated Arbitrary User Meta Update vulnerability

Missing Authorization vulnerability in DeluxeThemes Userpro.This issue affects Userpro: from n/a through 5.1.9...

CVE-2024-56211

CVE-2024-56211 affects the WordPress Plugin UserPro by DeluxeThemes (versions up to 5.1.9). The connected documents describe a Missing Authorization vulnerability that enables an authenticated user to perform an Arbitrary User Meta Update, due to insufficient authorization checks in UserPro. The ...

CVE-2024-56211 WordPress UserPro plugin <= 5.1.9 - Authenticated Arbitrary User Meta Update vulnerability

Missing Authorization vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.9...

CVE-2024-56214

CVE-2024-56214 concerns a Path Traversal/Local File Inclusion vulnerability in the WordPress UserPro plugin (versions