All 7 CVE vulnerabilities found in UsersWP, with AI-generated Chinese analysis, references, and POCs.
Vendor: Stiofan
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25015 | WordPress UsersWP plugin <= 1.2.53 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 | 4.3 | Medium | 2026-02-03 |
| CVE-2025-67593 | WordPress UsersWP plugin <= 1.2.48 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 | 4.3 | Medium | 2025-12-09 |
| CVE-2025-66072 | WordPress UsersWP plugin <= 1.2.47 - Broken Access Control vulnerability CWE-862 | 5.3 | Medium | 2025-11-21 |
| CVE-2024-43277 | WordPress UsersWP plugin <= 1.2.15 - Broken Access Control vulnerability CWE-862 | 5.3 | Medium | 2024-11-01 |
| CVE-2024-6477 | UsersWP < 1.2.12 - Users Information Disclosure | 5.3AI | MediumAI | 2024-08-03 |
| CVE-2024-31936 | WordPress UsersWP plugin < 1.2.6 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 | 5.4 | Medium | 2024-04-11 |
| CVE-2022-47442 | WordPress UsersWP plugin <= 1.2.3.9 - CSV Injection CWE-1236 | 5.8 | Medium | 2023-11-07 |
All 7 known CVE vulnerabilities affecting UsersWP with full Chinese analysis, references, and POCs where available.