Lucene search
K

153 matches found

Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.10 views

PT-2026-6248

Name of the Vulnerable Software and Affected Versions UsersWP versions through 1.2.53 Description The software contains a Cross-Site Request Forgery CSRF flaw. This allows attackers to potentially perform actions on behalf of authenticated users without their knowledge. Recommendations Update...

4.3CVSS5.4AI score0.00124EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/01/28 5:38 p.m.5 views

WordPress UsersWP plugin <= 1.2.53 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Tristan Jay Neale in WordPress Plugin UsersWP versions = 1.2.53...

4.3CVSS5.3AI score0.00124EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/07 9:15 a.m.9 views

CVE-2024-2423

The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.2.6 due to insufficient input sanitization and output...

6.4CVSS5.7AI score0.00446EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/15 1:30 p.m.5 views

WordPress UsersWP plugin <= 1.2.48 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by daroo in WordPress Plugin UsersWP versions = 1.2.48...

4.3CVSS7AI score0.00098EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/10 2:23 p.m.4 views

CVE-2025-67593

Cross-Site Request Forgery CSRF vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through = 1.2.48...

4.3CVSS6.9AI score0.00098EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:18 p.m.6 views

CVE-2025-67593

Cross-Site Request Forgery CSRF vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through = 1.2.48...

4.3CVSS0.00098EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:14 p.m.2 views

CVE-2025-67593 WordPress UsersWP plugin <= 1.2.48 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through = 1.2.48...

4.3CVSS6.5AI score0.00098EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:14 p.m.23 views

CVE-2025-67593 WordPress UsersWP plugin <= 1.2.48 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through = 1.2.48...

4.3CVSS0.00098EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 2:14 p.m.4 views

EUVD-2025-202060

Cross-Site Request Forgery CSRF vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through = 1.2.48...

4.3CVSS6.3AI score0.00098EPSS
Exploits0References2
CVE
CVE
added 2025/12/09 2:14 p.m.10 views

CVE-2025-67593

CVE-2025-67593 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin UsersWP – UsersWP (from the vendor Stiofan) affecting versions up to 1.2.48 . The initial document provides limited technical detail: it lists the impact as CSRF and the affected version range but d...

4.3CVSS6.5AI score0.00098EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.4 views

PT-2025-49967

Name of the Vulnerable Software and Affected Versions UsersWP versions through 1.2.48 Description The UsersWP plugin contains a Cross-Site Request Forgery CSRF flaw. This allows attackers to potentially perform actions on behalf of an authenticated user without their knowledge. The issue impacts...

4.3CVSS6.5AI score0.00098EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.3 views

WordPress plugin UsersWP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.3CVSS6.6AI score0.00098EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/25 9:28 a.m.8 views

WordPress UsersWP plugin <= 1.2.47 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin UsersWP versions = 1.2.47...

9.8CVSS7AI score0.00216EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/22 12:34 p.m.7 views

CVE-2025-66072

Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through = 1.2.47...

5.3CVSS7AI score0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/21 3:31 p.m.5 views

EUVD-2025-198471

Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through = 1.2.47...

4.3CVSS6.5AI score0.00216EPSS
Exploits0References2
NVD
NVD
added 2025/11/21 1:15 p.m.7 views

CVE-2025-66072

Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through = 1.2.47...

5.3CVSS0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/21 12:29 p.m.13 views

CVE-2025-66072 WordPress UsersWP plugin <= 1.2.47 - Broken Access Control vulnerability

Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through = 1.2.47...

5.3CVSS0.00216EPSS
Exploits0References1
CVE
CVE
added 2025/11/21 12:29 p.m.13 views

CVE-2025-66072

CVE-2025-66072: WordPress UsersWP

5.3CVSS6.6AI score0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/21 12:29 p.m.3 views

CVE-2025-66072 WordPress UsersWP plugin <= 1.2.47 - Broken Access Control vulnerability

Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through = 1.2.47...

5.3CVSS6.6AI score0.00216EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/21 12:0 a.m.6 views

PT-2025-47745

Name of the Vulnerable Software and Affected Versions UsersWP versions through 1.2.47 Description An authorization issue exists in UsersWP that relates to incorrectly configured access control security levels. This allows for potential exploitation of the system. Recommendations Update UsersWP to...

9.8CVSS6.5AI score0.00216EPSS
Exploits0References4
Rows per page
Query Builder