CVE-2024-6708 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The User Profile Builder WordPress plugin before 3.12.2 does not sanitise and escape some parameters before outputting its content on the admin area, which all…
Medium CVSS: 4.8

CVE-2024-6708

The User Profile Builder WordPress plugin before 3.12.2 does not sanitise and escape some parameters before outputting its content on the admin area, which allows Admin+ users to perform Cross-Site Scripting attacks.
Vendor
Cozmoslabs
Product
Profile Builder
CWE
CWE-79
Yayın Tarihi
2025-05-15 20:15:55
Güncelleme
2025-06-04 20:09:28
Source Identifier
contact@wpscan.com
KEV Date Added
-

Kategoriler

CWE-79 Profile Builder MEDIUM Cozmoslabs 2025

Referanslar

https://wpscan.com/vulnerability/b6822bd9-f9f9-41a4-ad19-019b1f03bd4c/ https://wpscan.com/vulnerability/b6822bd9-f9f9-41a4-ad19-019b1f03bd4c/