Userpro Security Vulnerabilities and Issues — Userpro CVE List

Lucene search

UserpropluginUserpro

3 matches found

CVE•added 2024/06/04 2:15 p.m.•42 views

CVE-2024-35700

Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8.

9.8CVSS9.6AI score0.00189EPSS

CVE•added 2024/01/31 3:15 a.m.•39 views

CVE-2023-2439

The UserPro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'userpro' shortcode in versions up to, and including, 5.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contribut...

6.4CVSS5AI score0.00082EPSS

CVE•added 2024/02/05 10:16 p.m.•38 views

CVE-2024-0701

The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 5.1.6. This is due to the use of client-side restrictions to enforce the 'Disabled registration' Membership feature within the plugin's General settings. This makes it possible for unauth...

5.3CVSS6.2AI score0.00176EPSS