3 matches found
CVE-2025-3844 PeproDev Ultimate Profile Solutions 1.9.1 - 7.5.2 - Authentication Bypass to Account Takeover
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication Bypass in versions 1.9.1 to 7.5.2. This is due to handelajaxreq function not having proper restrictions on the changeusermeta functionality that makes it possible to set a OTP code and subsequently log in...
CVE-2025-3844 PeproDev Ultimate Profile Solutions 1.9.1 - 7.5.2 - Authentication Bypass to Account Takeover
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication Bypass in versions 1.9.1 to 7.5.2. This is due to handelajaxreq function not having proper restrictions on the changeusermeta functionality that makes it possible to set a OTP code and subsequently log in...
WordPress PeproDev Ultimate Profile Solutions 1.9.1-7.5.2 plugin - Authentication Bypass to Account Takeover
Authentication Bypass to Account Takeover vulnerability discovered by kr0d in WordPress Plugin PeproDev Ultimate Profile Solutions versions 1.9.1-7.5.2...