CVE-2025-3921 | PeproDev Ultimate Profile Solutions Plugin 1.9.1/7.5.2 on WordPress User Meta Update handel_ajax_req authorization

Inserito da Angelo Barbosa | Mag 6, 2025 | CVE

A vulnerability was found in PeproDev Ultimate Profile Solutions Plugin 1.9.1/7.5.2 on WordPress. It has been classified as problematic. Affected is the function handel_ajax_req of the component User Meta Update Handler. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2025-3921. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-3921 | PeproDev Ultimate Profile Solutions Plugin 1.9.1/7.5.2 on WordPress User Meta Update handel_ajax_req authorization

Post correlati

CVE-2024-3147 | DedeCMS 5.7 makehtml_map.php cross-site request forgery

CVE-2025-23031 | LabRedesCefetRJ WeGIA up to 3.2.5 adicionar_alergia.php nome cross site scripting (GHSA-wp4f-qhh2-8vfv)

CVE-2024-3420 | SourceCodester Online Courseware 1.0 admin/saveedit.php id sql injection

CVE-2024-34750 | Apache Tomcat up to 9.0.89/10.1.24/11.0.0-M20 HTTP/2 Stream exceptional condition