CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24473 – User Profile Picture < 2.6.0 - Arbitrary User Picture Change/Deletion via IDOR
https://notcve.org/view.php?id=CVE-2021-24473
The User Profile Picture WordPress plugin before 2.6.0 was affected by an IDOR issue, allowing users with the upload_image capability (by default author and above) to change and delete the profile pictures of other users (including those with higher roles). El plugin de WordPress User Profile Picture versiones anteriores a 2.6.0, estaba afectado por un problema de IDOR, permitiendo a usuarios con la capacidad upload_image (por defecto author y superior) cambiar y eliminar las fotos de perfil de otros usuarios (incluidos aquellos con roles superiores) • https://wpscan.com/vulnerability/79982ea9-4733-4b1e-a43e-17629c1136de • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24170 – User Profile Picture < 2.5.0 - Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2021-24170
The REST API endpoint get_users in the User Profile Picture WordPress plugin before 2.5.0 returned more information than was required for its functionality to users with the upload_files capability. This included password hashes, hashed user activation keys, usernames, emails, and other less sensitive information. El endpoint de la API REST get_users en el plugin de WordPress User Profile Picture versiones anteriores a 2.5.0, devolvió más información de la necesaria para su funcionalidad a usuarios con la capacidad upload_files. Esto incluía hash de contraseña, claves de activación de usuario con hash, nombres de usuario, correos electrónicos y otra información menos confidencial • https://wpscan.com/vulnerability/29fc5b0e-0a5f-4484-a1e6-a0a1206726cc https://www.wordfence.com/blog/2021/03/medium-severity-vulnerability-patched-in-user-profile-picture-plugin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10911 – Profile Builder – User Profile & User Registration Forms < 2.4.2 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2016-10911
The profile-builder plugin before 2.4.2 for WordPress has multiple XSS issues. El plugin profile-builder anterior a la versión 2.4.2 para WordPress tiene múltiples problemas de XSS. • https://wordpress.org/plugins/profile-builder/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9328 – Profile Builder – User Profile & User Registration Forms <= 2.2.4 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9328
The profile-builder plugin before 2.2.5 for WordPress has XSS. El plugin generador de perfiles anterior a la versión 2.2.5 para WordPress tiene XSS. The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'loginerror', 'wckerrorfields', 'wckerrormessages', and 'field_name' parameters in versions up to, and including, 2.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://wordpress.org/plugins/profile-builder/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9337 – Profile Builder <= 2.1.3 - Missing Access Controls
https://notcve.org/view.php?id=CVE-2015-9337
The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deactivating addons via AJAX. El plugin generador de perfiles anterior a la versión 2.1.4 para WordPress no tiene control de acceso para activar o desactivar complementos a través de AJAX. • https://wordpress.org/plugins/profile-builder/#developers • CWE-284: Improper Access Control •