Known Vulnerabilities for User Profile Picture by Cozmoslabs
Listed below are 3 of the newest known vulnerabilities associated with "User Profile Picture" by "Cozmoslabs".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33679 json | Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, the `DownloadImage` function in `pkg/... | Not Provided | 2026-03-24 | 2026-03-24 |
| CVE-2026-1213 json | All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the... | Not Provided | 2026-01-27 | 2026-01-27 |
| CVE-2024-6410 json | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Refere... | Not Provided | 2024-07-10 | 2026-04-08 |
| CVE-2024-5639 json | The User Profile Picture plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and in... | Not Provided | 2024-06-21 | 2026-04-08 |
| CVE-2021-24473 json | The User Profile Picture WordPress plugin before 2.6.0 was affected by an IDOR issue, allowing users with the upload_image ca... | 5.4 - MEDIUM | 2021-08-02 | 2021-09-20 |
| CVE-2021-24170 json | The REST API endpoint get_users in the User Profile Picture WordPress plugin before 2.5.0 returned more information than was ... | 7.5 - HIGH | 2021-04-05 | 2021-04-09 |