WordPress User Profile Picture Vulnerabilities
Wordpress User Profile Picture vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Authenticated Attackers Can Update Any User's Profile Picture via Insecure Direct Object Reference
CVE-2024-5639WordpressUser Profile Picture4.3MEDIUMOne User Avatar < 2.3.7 - Avatar Update via CSRF
CVE-2021-24675WordpressOne User Avatar | User...6.5MEDIUMOne User Avatar < 2.3.7 - Contributor+ Stored Cross-Site Scripting
CVE-2021-24672WordpressOne User Avatar | User...5.4MEDIUMUser Profile Picture < 2.6.0 - Arbitrary User Picture Change/Deletion via IDOR
CVE-2021-24473WordpressUser Profile Picture5.4MEDIUMUser Profile Picture < 2.5.0 - Sensitive Information Disclosure
CVE-2021-24170WordpressUser Profile Picture7.5HIGH
21 June 2024
18 October 2021
2 August 2021
5 April 2021
No more vulnerabilities to load.