5 matches found
PT-2026-21059
Name of the Vulnerable Software and Affected Versions vanquish User Extra Fields wp-user-extra-fields versions through 16.8 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting XSS condition. This allows for...
WordPress User Extra Fields plugin <= 16.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin User Extra Fields versions = 16.8...
WordPress User Extra Fields plugin <= 16.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin User Extra Fields versions = 16.8...
CVE-2025-67579 WordPress User Extra Fields plugin <= 16.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Extra Fields: from n/a through = 16.8...
CVE-2025-3701 WordPress Malcure Malware Scanner plugin <= 16.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Malcure Web Security Malcure Malware Scanner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Malcure Malware Scanner: from n/a through 16.8...