User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor, CVE-2024-6708
- CVE, Research URL
- Home page URL
- Application
-
User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor
- Published on
- May 16, 2025
- Research Description
- The User Profile Builder WordPress plugin before 3.12.2 does not sanitise and escape some parameters before outputting its content on the admin area, which allows Admin+ users to perform Cross-Site Scripting attacks.
- Affected versions
-
Min -, max 3.12.2.
- Status
-
vulnerable
Previous vulnerability researches |
---|
Accordion Slider Lite (CVE-2024-11892) , Jan 12, 2025 |