CVE-2024-33575 – WordPress User Meta plugin <= 3.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-33575
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in User Meta user-meta.This issue affects User Meta: from n/a through 3.0. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en User Meta user-meta. Este problema afecta a User Meta: desde n/a hasta 3.0. The User Meta – User Profile Builder and User management plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0 via the /views/debug.php file. This makes it possible for unauthenticated attackers, with to extract sensitive configuration data. • https://patchstack.com/database/vulnerability/user-meta/wordpress-user-meta-plugin-3-0-sensitive-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-1661 – Display post meta, term meta, comment meta, and user meta <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2023-1661
The Display post meta, term meta, comment meta, and user meta plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post metadata in versions up to, and including, 0.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The Display post meta, term meta, comment meta, and user meta plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post metadata in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wordpress.org/plugins/display-metadata/#developers https://www.wordfence.com/threat-intel/vulnerabilities/id/6f90c0d8-ede6-4f24-870f-19e888238e93?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-22718 – WordPress User Meta Manager Plugin <= 3.4.9 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-22718
Reflected Cross-Site Scripting (XSS) vulnerability in Jason Lau User Meta Manager plugin <= 3.4.9 versions. The User Meta Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.4.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/user-meta-manager/wordpress-user-meta-manager-plugin-3-4-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-23712 – WordPress User Meta Manager Plugin <= 3.4.9 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-23712
Cross-Site Request Forgery (CSRF) vulnerability in User Meta Manager plugin <= 3.4.9 versions. The User Meta Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4.9. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unknown action granted they can trick a site administrator into performing an action such as clicking on a link. The impact of this vulnerability is unknown. • https://patchstack.com/database/vulnerability/user-meta-manager/wordpress-user-meta-manager-plugin-3-4-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2022-0779 – User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal
https://notcve.org/view.php?id=CVE-2022-0779
The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its um_show_uploaded_file AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads El plugin User Meta de WordPress versiones anteriores a 2.4.4, no comprueba el parámetro filepath de su acción AJAX um_show_uploaded_file, lo que podría permitir a usuarios con pocos privilegios, como el suscriptor, enumerar los archivos locales en el servidor web por medio de cargas útiles de salto de ruta WordPress User Meta Lite and Pro plugin versions 2.4.3 and below suffer from a path traversal vulnerability. • https://wpscan.com/vulnerability/9d4a3f09-b011-4d87-ab63-332e505cf1cd • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •