cleantalk
Vulnerabilities and Security Researches

WP User Manager – User Profile Builder & Membership, CVE-2025-60245

CVE, Research URL

CVE-2025-60245

Home page URL

Security reports for WP User Manager – User Profile Builder & Membership

Application

WP User Manager – User Profile Builder & Membership

Published on
Nov 06, 2025
Research Description
Deserialization of Untrusted Data vulnerability in WP User Manager WP User Manager wp-user-manager allows Object Injection.This issue affects WP User Manager: from n/a through <= 2.9.12.
Affected versions
max 2.9.12.
Status
vulnerable
Previous vulnerability researches
Flexible Refund and Return Order for WooCommerce (CVE-2025-10570) , Nov 10, 2025
New vulnerability
JB News Ticker (CVE-2025-11804) , Nov 11, 2025
My auctions allegro (CVE-2025-10048) , Nov 11, 2025
Sertifier Certificates &amp; Open Badges &#8211; Tutor LMS (CVE-2025-53214) , Nov 11, 2025
Toast Mobile Menu &#8211; PageSpeed Insights Friendly (CVE-2025-53238) , Nov 11, 2025
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2025-9322) , Nov 11, 2025