153 matches found
PT-2026-6248
Name of the Vulnerable Software and Affected Versions UsersWP versions through 1.2.53 Description The software contains a Cross-Site Request Forgery CSRF flaw. This allows attackers to potentially perform actions on behalf of authenticated users without their knowledge. Recommendations Update...
WordPress UsersWP plugin <= 1.2.53 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Tristan Jay Neale in WordPress Plugin UsersWP versions = 1.2.53...
CVE-2024-2423
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.2.6 due to insufficient input sanitization and output...
WordPress UsersWP plugin <= 1.2.48 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by daroo in WordPress Plugin UsersWP versions = 1.2.48...
CVE-2025-67593
Cross-Site Request Forgery CSRF vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through = 1.2.48...
CVE-2025-67593
Cross-Site Request Forgery CSRF vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through = 1.2.48...
CVE-2025-67593 WordPress UsersWP plugin <= 1.2.48 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through = 1.2.48...
CVE-2025-67593 WordPress UsersWP plugin <= 1.2.48 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through = 1.2.48...
EUVD-2025-202060
Cross-Site Request Forgery CSRF vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through = 1.2.48...
CVE-2025-67593
CVE-2025-67593 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin UsersWP – UsersWP (from the vendor Stiofan) affecting versions up to 1.2.48 . The initial document provides limited technical detail: it lists the impact as CSRF and the affected version range but d...
PT-2025-49967
Name of the Vulnerable Software and Affected Versions UsersWP versions through 1.2.48 Description The UsersWP plugin contains a Cross-Site Request Forgery CSRF flaw. This allows attackers to potentially perform actions on behalf of an authenticated user without their knowledge. The issue impacts...
WordPress plugin UsersWP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
WordPress UsersWP plugin <= 1.2.47 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin UsersWP versions = 1.2.47...
CVE-2025-66072
Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through = 1.2.47...
EUVD-2025-198471
Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through = 1.2.47...
CVE-2025-66072
Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through = 1.2.47...
CVE-2025-66072 WordPress UsersWP plugin <= 1.2.47 - Broken Access Control vulnerability
Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through = 1.2.47...
CVE-2025-66072
CVE-2025-66072: WordPress UsersWP
CVE-2025-66072 WordPress UsersWP plugin <= 1.2.47 - Broken Access Control vulnerability
Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through = 1.2.47...
PT-2025-47745
Name of the Vulnerable Software and Affected Versions UsersWP versions through 1.2.47 Description An authorization issue exists in UsersWP that relates to incorrectly configured access control security levels. This allows for potential exploitation of the system. Recommendations Update UsersWP to...