Userpro — Vulnerabilities & Security Advisories 7

All 7 CVE vulnerabilities found in Userpro, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-53444	WordPress Userpro plugin < 5.1.11 - Cross Site Request Forgery (CSRF) vulnerability CWE-352	4.3	Medium	2026-04-15
CVE-2025-68608	WordPress Userpro plugin <= 5.1.9 - Broken Access Control vulnerability CWE-862	7.5	High	2025-12-24
CVE-2024-56210	WordPress UserPro plugin <= 5.1.9 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79	7.1	High	2024-12-31
CVE-2024-56212	WordPress UserPro plugin <= 5.1.9 - SQL Injection vulnerability CWE-89	8.5	High	2024-12-31
CVE-2024-56211	WordPress UserPro plugin <= 5.1.9 - Authenticated Arbitrary User Meta Update vulnerability CWE-862	8.8	High	2024-12-31
CVE-2024-56214	WordPress UserPro plugin <= 5.1.9 - Local File Inclusion vulnerability CWE-35	8.3	High	2024-12-31
CVE-2024-35700	WordPress UserPro plugin <= 5.1.8 - Unauthenticated Account Takeover vulnerability CWE-266	9.8	Critical	2024-06-04

All 7 known CVE vulnerabilities affecting Userpro with full Chinese analysis, references, and POCs where available.