Known Vulnerabilities for User Pro by Userproplugin
Listed below are 1 of the newest known vulnerabilities associated with "User Pro" by "Userproplugin".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-50591 json | In Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences. | Not Provided | 2026-06-05 | 2026-06-05 |
| CVE-2026-50213 json | The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by i... | Not Provided | 2026-06-04 | 2026-06-04 |
| CVE-2026-50212 json | Weak validation logic within device dissociation API routines allows a remote entity to forcefully unbind unrelated user endp... | Not Provided | 2026-06-04 | 2026-06-04 |
| CVE-2026-50031 json | ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management... | Not Provided | 2026-06-03 | 2026-06-03 |
| CVE-2026-49491 json | Pixa Bank 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to extract sensitive data by inje... | Not Provided | 2026-06-01 | 2026-06-02 |
| CVE-2026-49433 json | The DeepAI endpoint 'https://api.deepai.org/change_user_email' accepts POST requests without any CSRF protection. If an attac... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-49367 json | In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account | Not Provided | 2026-05-29 | 2026-05-30 |
| CVE-2026-49328 json | Server-Side Request Forgery (SSRF) in the UrlImageConverter component of Apache Fesod (Incubating) fesod-sheet before 2.0.2-i... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-49322 json | Weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows ... | Not Provided | 2026-05-29 | 2026-05-29 |
| CVE-2026-49318 json | Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model ... | Not Provided | 2026-05-29 | 2026-05-29 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Userproplugin | User Pro | 4.9.9 | |||
| Application | Userproplugin | User Pro | 4.9.8.1 | |||
| Application | Userproplugin | User Pro | 4.9.8 | |||
| Application | Userproplugin | User Pro | 4.9.7 | |||
| Application | Userproplugin | User Pro | 4.9.6 | |||
| Application | Userproplugin | User Pro | 4.9.5 | |||
| Application | Userproplugin | User Pro | 4.9.4 | |||
| Application | Userproplugin | User Pro | 4.9.32 | |||
| Application | Userproplugin | User Pro | 4.9.30 | |||
| Application | Userproplugin | User Pro | 4.9.3 | |||
| Application | Userproplugin | User Pro | 4.9.29 | |||
| Application | Userproplugin | User Pro | 4.9.28 | |||
| Application | Userproplugin | User Pro | 4.9.27 | |||
| Application | Userproplugin | User Pro | 4.9.26 | |||
| Application | Userproplugin | User Pro | 4.9.25 | |||
| Application | Userproplugin | User Pro | 4.9.24 | |||
| Application | Userproplugin | User Pro | 4.9.23 | |||
| Application | Userproplugin | User Pro | 4.9.22 | |||
| Application | Userproplugin | User Pro | 4.9.21 | |||
| Application | Userproplugin | User Pro | 4.9.20 |