All 4 CVE vulnerabilities found in User Extra Fields, with AI-generated Chinese analysis, references, and POCs.
Vendor: vanquish
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-69377 | WordPress User Extra Fields plugin <= 17.0 - Arbitrary File Deletion vulnerability CWE-22 | 6.5AI | MediumAI | 2026-02-20 |
| CVE-2025-69376 | WordPress User Extra Fields plugin <= 17.0 - Arbitrary File Deletion vulnerability CWE-22 | 6.5AI | MediumAI | 2026-02-20 |
| CVE-2025-67991 | WordPress User Extra Fields plugin <= 16.8 - Cross Site Scripting (XSS) vulnerability CWE-79 | 6.1AI | MediumAI | 2026-02-20 |
| CVE-2025-67579 | WordPress User Extra Fields plugin <= 16.8 - Broken Access Control vulnerability CWE-862 | 8.1AI | HighAI | 2025-12-09 |
All 4 known CVE vulnerabilities affecting User Extra Fields with full Chinese analysis, references, and POCs where available.