Known Vulnerabilities for products from Userproplugin
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Userproplugin".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-35700 json | Incorrect Privilege Assignment vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through <= ... | Not Provided | 2024-06-04 | 2026-04-23 |
| CVE-2024-0701 json | The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 5.1.6. This i... | Not Provided | 2024-02-05 | 2026-04-08 |
| CVE-2023-6009 json | The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.4 due to insuffi... | Not Provided | 2023-11-22 | 2026-04-08 |
| CVE-2023-6008 json | The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is... | Not Provided | 2023-11-22 | 2026-04-08 |
| CVE-2023-6007 json | The UserPro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a mi... | Not Provided | 2023-11-22 | 2026-04-08 |
| CVE-2023-2497 json | The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.0. This is... | Not Provided | 2023-11-22 | 2026-04-08 |
| CVE-2023-2449 json | The UserPro plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 5.1.1. This i... | Not Provided | 2023-11-22 | 2026-04-08 |
| CVE-2023-2448 json | The UserPro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'userp... | Not Provided | 2023-11-22 | 2026-04-08 |
| CVE-2023-2447 json | The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is... | Not Provided | 2023-11-22 | 2026-04-08 |
| CVE-2023-2446 json | The UserPro plugin for WordPress is vulnerable to sensitive information disclosure via the 'userpro' shortcode in versions up... | Not Provided | 2023-11-22 | 2026-04-08 |
| CVE-2023-2440 json | The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is... | Not Provided | 2023-11-22 | 2026-04-08 |
| CVE-2023-2438 json | The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.0. This is... | Not Provided | 2023-11-22 | 2026-04-08 |
| CVE-2023-2437 json | The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.1. This is due ... | Not Provided | 2023-11-22 | 2026-04-08 |
| CVE-2019-14470 json | cosenary Instagram-PHP-API (aka Instagram PHP API V2), as used in the UserPro plugin through 4.9.32 for WordPress, has XSS vi... | 6.1 - MEDIUM | 2019-09-04 | 2019-09-05 |
| CVE-2018-16285 json | The UserPro plugin through 4.9.23 for WordPress allows XSS via the shortcode parameter in a userpro_shortcode_template action... | 6.1 - MEDIUM | 2018-09-06 | 2018-11-02 |
| CVE-2017-16562 json | The UserPro plugin before 4.9.17.1 for WordPress, when used on a site with the "admin" username, allows remote attackers to b... | Not Provided | 2017-11-10 | 2025-04-20 |