WordPress Profile Builder Vulnerabilities
Wordpress Profile Builder vulnerabilities.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Improper Input Validation in Cozmoslabs Profile Builder
CVE-2025-49292WordPressProfile Builder4.3MEDIUMStored Cross-Site Scripting Vulnerability in Profile Builder Plugin for WordPress
CVE-2025-4671WordPressUser Profile Builder โ...6.4MEDIUMCross-Site Scripting Vulnerability in User Profile Builder Plugin for WordPress
CVE-2024-6708WordPressUser Profile Builder๐พ๐ก4.8MEDIUMStored Cross-Site Scripting Vulnerability in User Profile Builder by WordPress
CVE-2025-2314WordPressUser Profile Builder โ...6.4MEDIUMStored Cross-Site Scripting in User Profile Builder Plugin for WordPress
CVE-2024-12738WordpressUser Profile Builder โ...6.1MEDIUMVulnerability in User Meta Plugin Allows Attackers to Obtain User Meta Values
CVE-2024-9262WordpressUser Meta โ User Profi...6.5MEDIUMFreemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes
CVE-2022-4974WordpressYasr โ Yet Another Sta...6.3MEDIUMUnauthorized File Uploads through Async Upload Functionality
CVE-2024-6366WordpressUser Profile Builder๐พ๐กEPSS 89%WordPress User Profile Builder plugin <= 3.11.2 - Bypass Vulnerability vulnerability
CVE-2024-31341WordPressProfile Builder5.3MEDIUMData Modification Vulnerability in User Profile Builder Plugin for WordPress
CVE-2024-0324WordPressUser Profile Builder โ...EPSS 45%7.5HIGHWordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2024-22140WordPressProfile Builder Pro8.8HIGHWordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Sensitive Data Exposure
CVE-2024-22141WordPressProfile Builder Pro7.5HIGHWordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)
CVE-2024-22142WordPressProfile Builder Pro7.1HIGHUnauthorized Data Access in User Profile Builder Plugin for WordPress
CVE-2023-6504WordPressUser Profile Builder โ...4.3MEDIUMWordPress Profile Builder Plugin <= 3.10.3 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47669WordPressUser Profile Builder โ...5.4MEDIUMProfile Builder < 3.9.8 - Unauthenticated Plugin's Pages Creation
CVE-2023-4059WordpressProfile Builder๐พ๐ก4.3MEDIUMUnauthorized Password Reset in Profile Builder Plugin for WordPress
CVE-2023-2297WordpressProfile Builder โ User...8.1HIGHSensitive Information Disclosure in Profile Builder Plugin for WordPress
CVE-2023-0814WordpressProfile Builder โ User...6.5MEDIUMWordPress Profile Builder plugin <= 3.6.0 - Cross-Site Request Forgery (CSRF) vulnerability
CVE-2021-36915WordPressProfile Builder โ User...4.2MEDIUMWP User Manager < 2.6.3 - Arbitrary User Password Reset to Account Compromise
CVE-2021-24655WordpressWP User Manager โ User...7.5HIGHUser Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal
CVE-2022-0779WordpressUser Meta โ User Profi...EPSS 12%6.5MEDIUMUser Meta < 2.4.3 - Admin+ Stored Cross-Site Scripting
CVE-2022-0376WordpressUser Meta โ User Profi...4.8MEDIUMProfile Builder < 3.6.8 - Admin+ Stored Cross-Site Scripting
CVE-2022-0884WordpressProfile Builder โ User...4.8MEDIUMProfile Builder โ User Profile & User Registration Forms <= 3.6.1 Reflected Cross-Site Scripting
CVE-2022-0653WordPressProfile Builder โ User...6.1MEDIUMProfile Builder < 3.4.9 - Admin Access via Password Reset
CVE-2021-24527WordpressUser Registration & Us...9.8CRITICAL