Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

UserPro - Community and User Profile WordPress Plugin — Vulnerabilities & Security Advisories 14

All 14 CVE vulnerabilities found in UserPro - Community and User Profile WordPress Plugin, with AI-generated Chinese analysis, references, and POCs.

Vendor: n/a

CVE IDTitleCVSSSeverityPublished
CVE-2025-4187 UserPro - Community and User Profile WordPress Plugin <= 5.1.10 - Unauthenticated Arbitrary File Read CWE-22 5.9 Medium2025-06-14
CVE-2024-0701 UserPro <= 5.1.6 - Disabled Membership Registration Bypass CWE-602 5.3 Medium2024-02-05
CVE-2023-2439 WordPress plugin UserPro 安全漏洞 6.4 Medium2024-01-31
CVE-2023-2497 UserPro <= 5.1.0 - Cross-Site Request Forgery to PHP Object Injection CWE-352 8.8 High2023-11-22
CVE-2023-6008 UserPro <= 5.1.1 - Cross-Site Request Forgery via multiple functions CWE-352 6.3 Medium2023-11-22
CVE-2023-6009 UserPro <= 5.1.4 - Authenticated (Subscriber+) Privilege Escalation CWE-266 8.8 High2023-11-22
CVE-2023-2449 UserPro <= 5.1.1 - Insecure Password Reset Mechanism CWE-620 9.8 Critical2023-11-22
CVE-2023-2437 UserPro <= 5.1.1 - Authentication Bypass to Administrator CWE-288 9.8 Critical2023-11-22
CVE-2023-2438 UserPro <= 5.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via userpro_save_userdata CWE-352 6.1 Medium2023-11-22
CVE-2023-2448 UserPro <= 5.1.4 - Missing Authorization to Arbitrary Shortcode Execution via userpro_shortcode_template CWE-862 6.5 Medium2023-11-22
CVE-2023-2440 UserPro <= 5.1.1 - Cross-Site Request Forgery to Privilege Escalation CWE-352 8.8 High2023-11-22
CVE-2023-6007 UserPro <= 5.1.1 - Missing Authorization via multiple functions CWE-862 7.3 High2023-11-22
CVE-2023-2446 UserPro <= 5.1.1 - Sensitive Information Disclosure via Shortcode CWE-200 6.5 Medium2023-11-22
CVE-2023-2447 UserPro <= 5.1.1 - Cross-Site Request Forgery to Sensitive Information Exposure CWE-352 6.1 Medium2023-11-22

All 14 known CVE vulnerabilities affecting UserPro - Community and User Profile WordPress Plugin with full Chinese analysis, references, and POCs where available.