| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-36915 | WordPress Profile Builder plugin <= 3.6.0 - Cross-Site Request Forgery (CSRF) vulnerability | Cozmoslabs | Profile Builder – User Profile & User Registration Forms (WordPress plugin) | Medium | 4.2 | 2022-10-11 19:34:00 | Deep Dive |
| CVE-2022-2350 | Disable User Login <= 1.0.1 - Unauthenticated Settings Update | Unknown | Disable User Login | 中危 | - | 2022-10-10 00:00:00 | Deep Dive |
| CVE-2022-36771 | IBM QRadar User Behavior Analytics 安全漏洞 | IBM | QRadar User Behavior Analytics | 中危 | - | 2022-09-28 15:55:16 | Deep Dive |
| CVE-2022-37403 | WordPress Add User Role plugin <= 0.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | Nikhil Vaghela | Add User Role (WordPress plugin) | Medium | 4.8 | 2022-09-09 14:39:54 | Deep Dive |
| CVE-2022-2356 | User Private Files < 1.1.3 - Subscriber+ Arbitrary File Upload | Unknown | Frontend File Manager & Sharing – User Private Files | 高危 | - | 2022-08-08 13:46:51 | Deep Dive |
| CVE-2022-1950 | Youzify < 1.2.0 - Unauthenticated SQLi | Unknown | Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress | 超危 | - | 2022-08-01 12:49:04 | Deep Dive |
| CVE-2021-24655 | WP User Manager < 2.6.3 - Arbitrary User Password Reset to Account Compromise | Unknown | WP User Manager – User Profile Builder & Membership | 高危 | - | 2022-07-17 10:35:28 | Deep Dive |
| CVE-2022-1903 | ARMember < 3.4.8 - Unauthenticated Admin Account Takeover | Unknown | ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | 高危 | - | 2022-06-27 08:58:19 | Deep Dive |
| CVE-2022-1625 | New User Approve < 2.4 - Arbitrary Settings Update & Invitation Code Creation via CSRF | Unknown | New User Approve | 中危 | - | 2022-06-27 08:57:11 | Deep Dive |
| CVE-2013-1916 | WordPress plugin User Photo 代码问题漏洞 | - | WordPress Plugin User Photo | 高危 | - | 2022-06-24 15:00:17 | Deep Dive |
| CVE-2017-20056 | weblizar User Login Log Plugin Stored cross site scriting | weblizar | User Login Log Plugin | Low | 3.5 | 2022-06-16 12:20:24 | Deep Dive |
| CVE-2022-1208 | Ultimate Member <= 2.3.2 - Stored Cross-Site Scripting | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | Medium | 6.4 | 2022-06-13 12:43:38 | Deep Dive |
| CVE-2022-1790 | New User Email Set Up <= 0.5.2 - Arbitrary Settings Update via CSRF | Unknown | New User Email Set Up | 中危 | - | 2022-06-13 12:42:57 | Deep Dive |
| CVE-2022-1569 | WordPress Forms by Pie Forms < 1.4.9.4 - Admin+ Stored Cross-Site Scripting | Unknown | Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more! | 中危 | - | 2022-06-06 08:51:06 | Deep Dive |
| CVE-2022-0779 | User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal | Unknown | User Meta – User Profile Builder and User management plugin | 中危 | - | 2022-06-06 08:50:49 | Deep Dive |
| CVE-2022-0376 | User Meta < 2.4.3 - Admin+ Stored Cross-Site Scripting | Unknown | User Meta – User Profile Builder and User management plugin | 中危 | - | 2022-05-30 08:35:34 | Deep Dive |
| CVE-2022-21500 | Oracle E-Business Suite 信息泄露漏洞 | Oracle Corporation | User Management | High | 7.5 | 2022-05-19 23:55:08 | Deep Dive |
| CVE-2022-1089 | Bulk Edit and Create User Profiles < 1.5.14 - Admin+ Stored Cross-Site Scripting | Unknown | Bulk Edit and Create User Profiles – WP Sheet Editor | 中危 | - | 2022-05-16 14:30:36 | Deep Dive |
| CVE-2022-1209 | Ultimate Member <= 2.3.1 - Arbitrary Redirect | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | Medium | 4.3 | 2022-05-10 19:34:42 | Deep Dive |
| CVE-2022-0884 | Profile Builder < 3.6.8 - Admin+ Stored Cross-Site Scripting | Unknown | Profile Builder – User Profile & User Registration Forms | 中危 | - | 2022-04-04 15:35:55 | Deep Dive |