CVE-2025-9344 | UsersWP Plugin up to 1.2.42 on WordPress Shortcode uwp_profile_header cross site scripting

Inserito da Angelo Barbosa | Ago 27, 2025 | CVE

A vulnerability has been found in UsersWP Plugin up to 1.2.42 on WordPress and classified as problematic. Affected is the function uwp_profile_header of the component Shortcode Handler. Performing manipulation results in cross site scripting.

This vulnerability is cataloged as CVE-2025-9344. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-9344 | UsersWP Plugin up to 1.2.42 on WordPress Shortcode uwp_profile_header cross site scripting

Post correlati

CVE-2025-0397 | reckcn SPPanAdmin 1.0 /;/admin/role/edit name cross site scripting

CVE-2024-28233 | JupyterHub up to 4.0.x cross site scripting

CVE-2024-20138 | MediaTek MT8390 WLAN Driver out-of-bounds (MSV-1604 / ALPS08998291)

CVE-2024-27188 | Cloudways Breeze Plugin up to 2.1.3 on WordPress cross site scripting