Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-33803

Malicious code in bioql PyPI...

9.8CVSS7AI score0.00987EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/04/26 11:30 p.m.41 views

CVE-2023-2297 Profile Builder – User Profile & User Registration Forms <= 3.9.0 - Insecure Password Reset Mechanism

The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 3.9.0. This is due to the plugin using native password reset functionality, with insufficient validation on the password reset function...

9.8CVSS7.8AI score0.00987EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2023/03/15 12:0 a.m.368 views

WordPress Profile Builder 3.9.0 Missing Authorization

Description: Profile Builder – User Profile & User Registration Forms get’. Finally, the function returns the value of the retrieved ‘key’ for the given ‘userid’. During this process, capability checks are not properly implemented to ensure that the user executing the function is authorized to...

6.5CVSS0.4AI score0.00769EPSS
Exploits2
0day.today
0day.today
added 2023/03/15 12:0 a.m.359 views

WordPress Profile Builder 3.9.0 Missing Authorization Vulnerability

WordPress Profile Builder plugin versions 3.9.0 and below suffer from a missing authorization vulnerability in wppbtoolboxusermetahandler. Description: Profile Builder – User Profile & User Registration Forms get’. Finally, the function returns the value of the retrieved ‘key’ for the given...

6.5CVSS6.9AI score0.00769EPSS
Exploits2
Wordfence Blog
Wordfence Blog
added 2023/03/14 4:1 p.m.66 views

Vulnerability Patched in Cozmolabs Profile Builder Plugin – Information Disclosure Leads to Account Takeover

Hundreds, if not thousands of WordPress plugins are conceived with the idea of making site building and maintenance easier for site owners. They add features not available in WordPress Core that would otherwise require site owners to write their own code to extend functionality. However, these...

7AI score0.00769EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2023/02/14 1:13 a.m.12 views

CVE-2023-0814 Profile Builder – User Profile & User Registration Forms <= 3.9.0 - Sensitive Information Disclosure via Shortcode

The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to sensitive information disclosure via the usermeta shortcode in versions up to, and including 3.9.0. This is due to insufficient restriction on sensitive user meta values that can be called via that...

6.5CVSS6.8AI score0.00769EPSS
Exploits2References4
CVE
CVE
added 2023/02/14 1:13 a.m.80 views

CVE-2023-0814

The CVE-2023-0814 issue affects the WordPress plugin Profile Builder – User Profile & User Registration Forms. Affected versions: up to and including 3.9.0. Root cause: the user_meta shortcode exposes sensitive user meta due to insufficient restrictions, enabling authenticated subscribers (or hig...

6.5CVSS6.1AI score0.00769EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2023/02/14 1:13 a.m.52 views

CVE-2023-0814 Profile Builder – User Profile & User Registration Forms <= 3.9.0 - Sensitive Information Disclosure via Shortcode

The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to sensitive information disclosure via the usermeta shortcode in versions up to, and including 3.9.0. This is due to insufficient restriction on sensitive user meta values that can be called via that...

6.5CVSS6.9AI score0.00769EPSS
Exploits2References4
Patchstack
Patchstack
added 2023/02/14 12:0 a.m.23 views

WordPress Profile Builder Plugin <= 3.9.0 is vulnerable to Sensitive Data Exposure

Software Profile Builder Type Plugin Vulnerable versions = 3.9.0 Fixed in 3.9.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0814 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 43ad15dcf7ab Credits István Márton Required...

6.5CVSS6.3AI score0.00769EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder