CVE-2025-49292 WordPress Profile Builder plugin <= 3.13.8 - Content Spoofing Vulnerability

Improper Validation of Specified Quantity in Input vulnerability in Cozmoslabs Profile Builder profile-builder allows Phishing.This issue affects Profile Builder: from n/a through = 3.13.8...

CVE-2025-49292 WordPress Profile Builder <= 3.13.8 - Content Spoofing Vulnerability

Improper Validation of Specified Quantity in Input vulnerability in Cozmoslabs Profile Builder allows Phishing. This issue affects Profile Builder: from n/a through 3.13.8...

WordPress Profile Builder plugin <= 3.12.0 - Admin+ Stored Cross Site Scripting vulnerability

Admin+ Stored Cross Site Scripting vulnerability discovered by John Castro in WordPress Plugin Profile Builder versions = 3.12.0...

WordPress Profile Builder Plugin <= 3.11.2 is vulnerable to Bypass Vulnerability

Software Profile Builder Type Plugin Vulnerable versions = 3.11.2 Fixed in 3.11.3 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2024-31341 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b21686841f84 Credits Ananda Dhakal Patchstack...

WordPress Profile Builder Plugin <= 3.10.8 is vulnerable to Broken Access Control

Software Profile Builder Type Plugin Vulnerable versions = 3.10.8 Fixed in 3.10.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-0324 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID c4fb0e8879d0 Credits kodaichodai Required...

WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Profile Builder Pro Type Plugin Vulnerable versions = 3.10.0 Fixed in 3.10.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-22140 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 81245bbcdd5e Credits Dave Jong...

WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)

Software Profile Builder Pro Type Plugin Vulnerable versions = 3.10.0 Fixed in 3.10.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-22142 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 458e79568c87 Credits Dave Jong Patchstack...

WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Sensitive Data Exposure

Software Profile Builder Pro Type Plugin Vulnerable versions = 3.10.0 Fixed in 3.10.1 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-22141 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID d6301bb29b09 Credits Dave Jong...

WordPress Profile Builder Plugin <= 3.10.7 is vulnerable to Insecure Direct Object References (IDOR)

Software Profile Builder Type Plugin Vulnerable versions = 3.10.7 Fixed in 3.10.8 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-6504 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4a72357868f4 Credits Francesco...

WordPress Profile Builder Plugin <= 3.9.0 is vulnerable to Sensitive Data Exposure

Software Profile Builder Type Plugin Vulnerable versions = 3.9.0 Fixed in 3.9.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-2297 Patch priority Low CVSS severity Low 9.8 Developer Claim ownership PSID 973328704779 Credits István Márton Required...

WordPress Profile Builder Plugin <= 3.9.0 is vulnerable to Sensitive Data Exposure

Software Profile Builder Type Plugin Vulnerable versions = 3.9.0 Fixed in 3.9.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0814 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 43ad15dcf7ab Credits István Márton Required...

WordPress plugin Profile Builder 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Profile Builder plugin has a cross-site scripting vulnerability that can be exploited by attackers to allow highly privilege...

WordPress Profile Builder Pro plugin <= 3.1.0 - User Registration With Administrator Role vulnerability

User Registration With Administrator Role vulnerability found by Noman Riffat in WordPress Profile Builder Pro plugin versions = 3.1.0. Solution Update the WordPress Profile Builder Pro plugin to the latest available version at least 3.1.1...

WordPress profile-builder plugin access control error vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. ninja-forms is a contact form builder plugin that uses it. simple-login-log is a user login logging plugin that uses it...

WordPress Profile Builder Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . Profile Builder is one of the profile release plugin . A cross-site scripting vulnerability exists in the...