cleantalk
Vulnerabilities and Security Researches

Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress, CVE-2022-1950

CVE, Research URL

CVE-2022-1950

Home page URL

Security reports for Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress

Application

Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress

Published on
Aug 01, 2022
Research Description
The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection
Affected versions
max 1.2.0.
Status
vulnerable
Previous vulnerability researches
Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress (CVE-2024-4742) , Jun 22, 2024
Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress (CVE-2025-69014) , Jan 10, 2026
Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress (CVE-2022-1950) , Jun 07, 2024
Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress (CVE-2023-0059) , Jun 07, 2024
Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress (CVE-2023-47191) , Jun 07, 2024
New vulnerability
CubeWP – All-in-One Dynamic Content Framework (CVE-2025-8615) , Apr 20, 2026
Hostel (CVE-2026-1838) , Apr 20, 2026
Content Blocks (Custom Post Widget) (CVE-2026-0894) , Apr 20, 2026
Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress (CVE-2026-1559) , Apr 20, 2026
Frontend File Manager Plugin (CVE-2026-1280) , Apr 20, 2026