cleantalk
Vulnerabilities and Security Researches

User Meta – User Profile Builder and User management plugin, CVE-2025-47611

CVE, Research URL

CVE-2025-47611

Home page URL

Security reports for User Meta – User Profile Builder and User management plugin

Application

User Meta – User Profile Builder and User management plugin

Published on
May 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Khaled User Meta allows Reflected XSS. This issue affects User Meta: from n/a through 3.1.2.
Affected versions
Min -, max 3.1.2.
Status
vulnerable
Previous vulnerability researches
Mega Addons For WPBakery Page Builder (CVE-2022-4501) , Jun 07, 2024
Mega Addons For WPBakery Page Builder (CVE-2023-0268) , Jun 07, 2024
Mega Addons For WPBakery Page Builder (CVE-2022-36798) , Jun 07, 2024
New vulnerability
Premium Addons for Elementor (CVE-2025-4774) , Jun 15, 2025
The Events Calendar Countdown Addon (CVE-2025-49311) , Jun 15, 2025
Audio Editor & Recorder (CVE-2025-49509) , Jun 15, 2025
Konami Easter Egg (CVE-2025-49425) , Jun 15, 2025
Bacon Ipsum (CVE-2025-49443) , Jun 15, 2025