2 matches found
WordPress ProfilePress Plugin < 4.5.1 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...
CVE-2022-4697
The CVE-2022-4697 relates to the WordPress ProfilePress plugin (versions up to 4.5.0). It is a Stored Cross‑Site Scripting vulnerability via the wp_user_cover_default_image_url parameter caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access with...