Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wp-eventmanager user profile avatar vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-52118
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Event Manager WP User Profile Avatar allows Stored XSS.This issue affects WP User Profile Avatar: from n/a up to and including 1.0.
Wp-eventmanager Wp Event Manager
4.3
CVSSv3
CVE-2023-6384
The WP User Profile Avatar WordPress plugin prior to 1.0.1 does not properly check for authorisation, allowing authors to delete and update arbitrary avatar
Wp-eventmanager User Profile Avatar
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started