EUVD-2024-31312

Malicious code in bioql PyPI...

CVE-2025-47611

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Khaled User Meta user-meta allows Reflected XSS.This issue affects User Meta: from n/a through = 3.1.2...

CVE-2024-33575

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in User Meta user-meta.This issue affects User Meta: from n/a through 3.0...

PT-2025-17886 · WordPress · Vikinger

Name of the Vulnerable Software and Affected Versions: Vikinger theme for WordPress versions up to, and including, 1.9.30 Description: The issue is due to insufficient user meta restrictions in the vikinger user meta update ajax function, allowing authenticated attackers with Subscriber-level...

CVE-2024-33575

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in User Meta user-meta.This issue affects User Meta: from n/a through 3.0...

CVE-2023-0814 Profile Builder – User Profile & User Registration Forms <= 3.9.0 - Sensitive Information Disclosure via Shortcode

The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to sensitive information disclosure via the usermeta shortcode in versions up to, and including 3.9.0. This is due to insufficient restriction on sensitive user meta values that can be called via that...