Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress — Vulnerabilities & Security Advisories 10

All 10 CVE vulnerabilities found in Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2026-1559 Youzify <= 1.3.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'checkin_place_id' Parameter CWE-79 6.4 Medium2026-04-18
CVE-2024-13370 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.3 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update (save_addon_key_license) CWE-862 6.5 Medium2025-01-25
CVE-2024-13368 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update CWE-862 4.3 Medium2025-01-25
CVE-2024-12113 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress By KaineLabs <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Review Deletion CWE-862 4.3 Medium2025-01-25
CVE-2024-9067 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.0 - Missing Authorization to Arbitrary (Subscriber+) Attachment Deletion CWE-862 4.3 Medium2024-10-10
CVE-2024-8987 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via youzify_media Shortcode CWE-79 6.4 Medium2024-10-10
CVE-2024-4742 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.2.5 - Authenticated (Contributor+) SQL Injection CWE-89 6.5 Medium2024-06-20
CVE-2023-47191 WordPress Youzify Plugin <= 1.2.2 is vulnerable to Insecure Direct Object References (IDOR) CWE-639 6.5 Medium2023-12-21
CVE-2022-1950 Youzify < 1.2.0 - Unauthenticated SQLi CWE-89 9.8 -2022-08-01
CVE-2021-24443 Youzify < 1.0.7 - Stored Cross-Site Scripting via Biography CWE-79 5.4 -2021-08-02

All 10 known CVE vulnerabilities affecting Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress with full Chinese analysis, references, and POCs where available.