Simple Local Avatars Security Vulnerabilities and Issues — Simple Local Avatars CVE List

Lucene search

10upSimple Local Avatars

3 matches found

CVE•added 2024/08/26 9:15 p.m.•58 views

CVE-2024-43116

Cross-Site Request Forgery (CSRF) vulnerability in 10up Simple Local Avatars.This issue affects Simple Local Avatars: from n/a through 2.7.10.

8.8CVSS7AI score0.00042EPSS

CVE•added 2024/11/16 3:15 a.m.•45 views

CVE-2024-10786

The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the sla_clear_user_cache function in all versions up to, and including, 2.7.11. This makes it possible for authenticated attackers, with Subscriber-level access and a...

4.3CVSS4.2AI score0.00064EPSS

CVE•added 2 days ago•2 views

CVE-2025-8482

The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of data in version 2.8.4. This is due to a missing capability check on the migrate_from_wp_user_avatar() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to ...

4.3CVSS6.7AI score0.00026EPSS