333 matches found
EUVD-2023-51768
Malicious code in bioql PyPI...
CVE-2025-9693
The User Meta – User Profile Builder and User management plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the postInsertUserProcess function in all versions up to, and including, 3.1.2. This makes it possible for authenticated...
CVE-2025-9693 User Meta – User Profile Builder and User management plugin <= 3.1.2 - Authenticated (Subscriber+) Arbitrary File Deletion
The User Meta – User Profile Builder and User management plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the postInsertUserProcess function in all versions up to, and including, 3.1.2. This makes it possible for authenticated...
CVE-2025-8896
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gdprcommunicationpreferences' parameter in all versions up to, and including, 3.14.3 due to insufficient input sanitization and...
CVE-2025-8896
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gdprcommunicationpreferences' parameter in all versions up to, and including, 3.14.3 due to insufficient input sanitization and...
CVE-2025-8896
CVE-2025-8896 affects the WordPress plugin User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor (versions up to 3.14.3). Root cause: stored XSS via the gdpr_communication_preferences[] parameter due to insufficient input sanitization and output escaping. Impa...
CVE-2025-8896 User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.14.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gdprcommunicationpreferences' parameter in all versions up to, and including, 3.14.3 due to insufficient input sanitization and...
CVE-2025-8896 User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.14.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gdprcommunicationpreferences' parameter in all versions up to, and including, 3.14.3 due to insufficient input sanitization and...
WordPress User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.14.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Alex in WordPress Plugin Profile Builder versions = 3.14.3...
PT-2025-33539 · WordPress · User Profile Builder
Name of the Vulnerable Software and Affected Versions: User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress versions through 3.14.3 Description: The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Edito...
WordPress plugin User Profile Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Profile Builder Plugin Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Profile Builder Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...
CVE-2025-49292
Improper Validation of Specified Quantity in Input vulnerability in Cozmoslabs Profile Builder profile-builder allows Phishing.This issue affects Profile Builder: from n/a through = 3.13.8...
CVE-2025-49292
Improper Validation of Specified Quantity in Input vulnerability in Cozmoslabs Profile Builder profile-builder allows Phishing.This issue affects Profile Builder: from n/a through = 3.13.8...
CVE-2025-49292 WordPress Profile Builder <= 3.13.8 - Content Spoofing Vulnerability
Improper Validation of Specified Quantity in Input vulnerability in Cozmoslabs Profile Builder allows Phishing. This issue affects Profile Builder: from n/a through 3.13.8...
CVE-2025-49292
The CVE-2025-49292 entry concerns Cozmoslabs Profile Builder. Connected Red Hat data confirms an input validation weakness (improper validation of a specified quantity) that enables phishing. Affected product: Profile Builder up to version 3.13.8. Root cause described as improper validation of in...
CVE-2025-49292 WordPress Profile Builder plugin <= 3.13.8 - Content Spoofing Vulnerability
Improper Validation of Specified Quantity in Input vulnerability in Cozmoslabs Profile Builder profile-builder allows Phishing.This issue affects Profile Builder: from n/a through = 3.13.8...
PT-2025-24226 · Cozmoslabs · Cozmoslabs Profile Builder
Name of the Vulnerable Software and Affected Versions: Cozmoslabs Profile Builder versions 3.13.8 and earlier Description: The issue is related to improper validation of specified quantity in input, which allows phishing. Recommendations: For Cozmoslabs Profile Builder versions 3.13.8 and earlier...
WordPress plugin Profile Builder 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Profile Builder plugin <= 3.13.8 - Content Spoofing Vulnerability
Content Spoofing Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Profile Builder versions = 3.13.8...