Lucene search
K

4 matches found

CVE
CVE
added 16 hours ago11 views

CVE-2026-12097

The CVE covers the WordPress User Management plugin (versions up to and including 1.2). Affected component: the plugin’s authorization flow; root cause is improper verification of a user’s permission, enabling an authorization bypass. Impact: unauthenticated attackers can modify the plugin’s expo...

5.3CVSS5.9AI score
Exploits0References5
CVE
CVE
added 2025/01/15 3:23 p.m.51 views

CVE-2025-22736

CVE-2025-22736 concerns the WordPress plugin User Management by WPExperts. The issue is described as an Incorrect Privilege Assignment vulnerability that enables Privilege Escalation . Affected software: User Management (through version 1.2, per description). Documented impact indicates an authen...

8.8CVSS7.2AI score0.00418EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/16 9:53 p.m.12 views

CVE-2024-52403 WordPress User Management plugin <= 1.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Saad Iqbal User Management user-management allows Upload a Web Shell to a Web Server.This issue affects User Management: from n/a through = 1.1...

9.9CVSS8.5AI score0.00478EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress WordPress User Management and User Admin Plugin – User Magic Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software WordPress User Management and User Admin Plugin – User Magic Type Plugin Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5dac84f1c8...

6.4AI score0.00284EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder