
20 matches found

Nuclei
added yesterday, 9 views

Ultimate Member < 2.1.12 - Unauthenticated Privilege Escalation via User Meta

An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Meta. An attacker could supply an array parameter for sensitive metadata, such as the wp_capabilities user meta that defines a user's role. During the registration...

CVSS 10, AI score 7.3, EPSS 0.6202
Exploits: 2, References: 3
Cvelist
added 2026/05/22 4:29 a.m., 39 views

CVE-2026-9018 Easy Elements for Elementor – Addons & Website Templates <= 1.4.5 - Unauthenticated Privilege Escalation via 'custom_meta' Parameter

The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.5 via the easyelhandleregister function. This is due to the wpajaxnopriveelregister AJAX handler iterating the attacker-controlled...

CVSS 8.8, EPSS 0.00029
Exploits: 1, References: 5
Cvelist
added 2026/05/20 1:25 a.m., 29 views

CVE-2026-7467 Read More & Accordion <= 3.5.7 - Privilege Escalation via importData

The Read More & Accordion plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.7. This is due to the 'RadMoreAjax::importData' function not restricting which database tables can be written to during import and not properly validating the imported...

CVSS 8.8, EPSS 0.00016
Exploits: 0, References: 2
EUVD
added 2026/05/14 6:44 a.m., 6 views

EUVD-2026-30254

The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.1.2. This is due to the infusedwoogdprupddata function missing authorization and capability checks, as well as lacking restrictions on which user meta keys can be updated. This...

CVSS 8.8, AI score 5.8, EPSS 0.00041
Exploits: 0, References: 3
Vulnrichment
added 2026/05/14 6:44 a.m., 3 views

CVE-2026-6506 InfusedWoo Pro <= 5.1.2 - Authenticated (Subscriber+) Missing Authorization to Privilege Escalation via Arbitrary User Meta Update

The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.1.2. This is due to the infusedwoogdprupddata function missing authorization and capability checks, as well as lacking restrictions on which user meta keys can be updated. This...

CVSS 8.8, AI score 5.8, EPSS 0.00041
Exploits: 0, References: 3
Cvelist
added 2026/05/14 6:44 a.m., 32 views

CVE-2026-6506 InfusedWoo Pro <= 5.1.2 - Authenticated (Subscriber+) Missing Authorization to Privilege Escalation via Arbitrary User Meta Update

The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.1.2. This is due to the infusedwoogdprupddata function missing authorization and capability checks, as well as lacking restrictions on which user meta keys can be updated. This...

CVSS 8.8, EPSS 0.00041
Exploits: 0, References: 3
EUVD
added 2026/03/22 12:30 a.m., 3 views

EUVD-2026-14256

The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.29.7. This is due to the 'save_extra_user_profile_fields' function not properly restricting which user meta keys can be updated via profile fields. The...

CVSS 8.1, AI score 5.7, EPSS 0.00032
Exploits: 1, References: 6
NVD
added 2026/03/21 11:16 p.m., 3 views

CVE-2026-3629

The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.29.7. This is due to the 'save_extra_user_profile_fields' function not properly restricting which user meta keys can be updated via profile fields. The...

CVSS 8.1, EPSS 0.00032
Exploits: 1, References: 5
Cvelist
added 2026/03/21 10:24 p.m., 19 views

CVE-2026-3629 Import and export users and customers <= 1.29.7 - Privilege Escalation to Administrator via save_extra_user_profile_fields

The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.29.7. This is due to the 'save_extra_user_profile_fields' function not properly restricting which user meta keys can be updated via profile fields. The...

CVSS 8.1, EPSS 0.00032
Exploits: 1, References: 5
Vulnrichment
added 2026/03/21 10:24 p.m., 1 view

CVE-2026-3629 Import and export users and customers <= 1.29.7 - Privilege Escalation to Administrator via save_extra_user_profile_fields

The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.29.7. This is due to the 'save_extra_user_profile_fields' function not properly restricting which user meta keys can be updated via profile fields. The...

CVSS 8.1, AI score 5.7, EPSS 0.00032
Exploits: 1, References: 5
CVE
added 2026/03/21 3:26 a.m., 5 views

CVE-2026-2941

CVE-2026-2941 affects the WordPress plugin Linksy Search and Replace. The vulnerability arises from a missing capability check in the function linksy_search_and_replace_item_details across all versions up to and including 1.0.4, allowing authenticated users with subscriber-level access and above...

CVSS 8.8, AI score 5.8, EPSS 0.00058
Exploits: 0, References: 2
CNVD
added 2026/02/04 12:0 a.m., 2 views

WordPress Plugin Simple User Registration Access Control Error Vulnerability

WordPress is a blogging platform developed in PHP that lets users set up a personal blog site on a server running PHP and MySQL; a WordPress plugin is an application plugin. An access control error vulnerability exists in the WordPress plugin Simple User...

CVSS 8.8, AI score 5.5, EPSS 0.00079
Exploits: 0, References: 1
NVD
added 2026/01/28 12:15 p.m., 3 views

CVE-2026-0844

The Simple User Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 6.7 due to insufficient restriction on the 'profilesavefield' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to...

CVSS 8.8, EPSS 0.00079
Exploits: 0, References: 4
Packet Storm
added 2025/08/04 12:0 a.m., 104 views

📄 WordPress Ultimate Member 2.6.6 Privilege Escalation

WordPress Ultimate Member plugin version 2.6.6 proof of concept privilege escalation exploit. !/usr/bin/env python3 Exploit Title: Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation Exploit Author: Gurjot Singh CVE: CVE-2023-3460 Description : The attached PoC demonstrates how an...

CVSS 9.8, AI score 7.7, EPSS 0.9297
Exploits: 12
RedhatCVE
added 2025/05/22 9:2 p.m., 2 views

CVE-2021-24230

The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged in user overwrite or create arbitrary user metadata on the victim’s account once visited. If exploited, this bug can be used to overwrite t...

CVSS 8.1, AI score 6.8, EPSS 0.0012
Exploits: 1, References: 1
CVE
added 2024/11/13 4:29 a.m., 73 views

CVE-2024-10800

CVE-2024-10800 : WordPress User Extra Fields plugin (

CVSS 8.8, AI score 8.7, EPSS 0.00237
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2023/11/22 4:15 p.m., 0 views

CVE-2023-6009

The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.4 due to insufficient restriction on the 'userproupdateuserprofile' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify...

CVSS 8.8, AI score 7.3
Exploits: 0, References: 3
WPVulnDB
added 2021/06/28 12:0 a.m., 22 views

ProfilePress 3.0 - 3.1.3 - Authenticated Privilege Escalation

The user profile update functionality of the plugin allowed arbitrary user meta to be supplied, including wp_capabilities, during a profile update which made it possible for users to escalate their privileges to that of an administrator. PoC 'Hax0r3', 'regemail' = '[email protected]',...

CVSS 9.8, AI score 0.8, EPSS 0.61563
Exploits: 2, References: 1, Affected Software: 1
Prion
added 2021/04/12 2:15 p.m., 9 views

Cross site request forgery (csrf)

The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged in user overwrite or create arbitrary user metadata on the victim’s account once visited. If exploited, this bug can be used to overwrite t...

CVSS 5.8, AI score 8, EPSS 0.0012
Exploits: 1, References: 2, Affected Software: 1
VulnCheck KEV
added 2020/11/09 12:0 a.m., 0 views

VulnCheck KEV: CVE-2020-36155

An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Meta. An attacker could supply an array parameter for sensitive metadata, such as the wp_capabilities user meta that defines a user's role. During the...

CVSS 10, AI score 7.3, EPSS 0.6202
Exploits: 2, References: 1