UsersWP
Stiofan
Developer
1.2.61
Latest version
20,000
Installations
No date
Last updated
Vulnerability history
0 present
15 patched
3 Mitigation rules
- Authenticated (Subscriber+) Stored Cross-Site Scripting via User Badge Link Substitution vulnerability<= 1.2.604 days ago
- Authenticated (Subscriber+) Server-Side Request Forgery via 'uwp_crop' Parameter vulnerability<= 1.2.584 days ago
- Authenticated (Subscriber+) Restricted Usermeta Modification via 'htmlvar' Parameter vulnerability<= 1.2.587 days ago
- Cross Site Request Forgery (CSRF) vulnerability<= 1.2.5328/01/2026
- Cross Site Request Forgery (CSRF) vulnerability<= 1.2.4815/12/2025
- Broken Access Control vulnerability<= 1.2.4725/11/2025
- Authenticated (Subscriber+) SQL Injection vulnerability<= 1.2.4406/09/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 1.2.4227/08/2025
- Broken Access Control vulnerability<= 1.2.1516/08/2024
- Users Information Disclosure vulnerability< 1.2.1205/08/2024
- Unauthenticated SQL Injection via 'uwp_sort_by' vulnerability<= 1.2.1001/07/2024
- Cross Site Request Forgery (CSRF) vulnerability< 1.2.610/04/2024
- Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability<= 1.2.614/03/2024
- CSV Injection<= 1.2.3.920/02/2023
- Authenticated (Administrator+) CSV Injection vulnerability<= 1.2.3.923/12/2022