CVE-2026-1644 | WP Frontend Profile Plugin up to 1.3.8 on WordPress update_action cross-site request forgery

Inserito da Angelo Barbosa | Mar 6, 2026 | CVE

A vulnerability, which was classified as problematic, was found in WP Frontend Profile Plugin up to 1.3.8 on WordPress. This vulnerability affects the function update_action. Such manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2026-1644. The attack may be launched remotely. There is no exploit available.

CVE-2026-1644 | WP Frontend Profile Plugin up to 1.3.8 on WordPress update_action cross-site request forgery

Post correlati

CVE-2025-8161 | deerwms deer-wms-2 up to 3.3 /system/role/export params[dataScope] sql injection (ICLQQG)

CVE-2023-32189 | SUSE Manager Server Module 4.3 SSH Key access control

CVE-2024-37663 | Redmi RB03 1.0.57 ICMP Redirect Message Remote Code Execution

CVE-2024-6181 | LabVantage LIMS 2017 height/width cross site scripting