Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/04/18 2:21 a.m.6 views

CVE-2025-2314

The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.13.5 due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00269EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 3:15 a.m.21 views

CVE-2025-2314

The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.13.5 due to insufficient input sanitization and output escaping on...

6.4CVSS0.00269EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/16 1:45 a.m.6 views

CVE-2025-2314 User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.13.5 due to insufficient input sanitization and output escaping on...

6.4CVSS5.9AI score0.00269EPSS
Exploits0References3
CVE
CVE
added 2025/04/16 1:45 a.m.61 views

CVE-2025-2314

The CVE CVE-2025-2314 concerns the WordPress plugin User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor. A stored XSS flaw exists via shortcode attributes due to insufficient input sanitization and output escaping in versions up to 3.13.5. An authenticated a...

6.4CVSS5.8AI score0.00269EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/16 1:45 a.m.20 views

CVE-2025-2314 User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.13.5 due to insufficient input sanitization and output escaping on...

6.4CVSS0.00269EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/04/15 4:56 p.m.6 views

WordPress User Profile Builder plugin <= 3.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by muhammad yudha in WordPress Plugin Profile Builder versions = 3.13.6...

6.4CVSS6.4AI score0.00269EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder