CVE-2025-4671 | Profile Builder Plugin up to 3.13.8 on WordPress Shortcode user_meta/compare cross site scripting

Inserito da Angelo Barbosa | Giu 3, 2025 | CVE

A vulnerability classified as problematic has been found in Profile Builder Plugin up to 3.13.8 on WordPress. This affects the function user_meta/compare of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-4671. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-4671 | Profile Builder Plugin up to 3.13.8 on WordPress Shortcode user_meta/compare cross site scripting

Post correlati

CVE-2014-4931 | Symfony FrameworkBundle code injection

CVE-2024-52438 | deco.agency de:branding Plugin up to 1.0.2 on WordPress missing authentication

CVE-2025-20118 | Cisco Application Policy Infrastructure Controller up to 6.1(1f) System CLI Command improper removal of sensitive information before storage or transfer (cisco-sa-apic-multi-vulns-9ummtg5)

CVE-2023-37244 | N-Able AutomationManagerAgent up to 2.80.0.1 AutomationManager.AgentService.exe race condition (MNDT-2023-0016)