cleantalk
Vulnerabilities and Security Researches

User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor, CVE-2021-36915

CVE, Research URL

CVE-2021-36915

Home page URL

Security reports for User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor

Application

User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor

Published on
Oct 12, 2022
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder plugin <= 3.6.0 at WordPress allows uploading the JSON file and updating the options. Requires Import and Export add-on.
Affected versions
Min -, max 1.1.60.
Status
vulnerable
Previous vulnerability researches
User Profile Builder &#8211; Beautiful User Registration Forms, User Profiles &amp; User Role Editor (CVE-2024-12738) , Jan 09, 2025
User Profile Builder &#8211; Beautiful User Registration Forms, User Profiles &amp; User Role Editor (CVE-2024-6366) , Jul 30, 2024
User Profile Builder &#8211; Beautiful User Registration Forms, User Profiles &amp; User Role Editor (CVE-2025-2314) , Apr 17, 2025
User Profile Builder &#8211; Beautiful User Registration Forms, User Profiles &amp; User Role Editor (CVE-2022-0884) , Jun 06, 2024
User Profile Builder &#8211; Beautiful User Registration Forms, User Profiles &amp; User Role Editor (CVE-2014-10380) , Jun 06, 2024
New vulnerability
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025
AdminQuickbar (CVE-2025-39464) , Apr 20, 2025