CVE-2025-4671 | Profile Builder Plugin up to 3.13.8 on WordPress Shortcode user_meta/compare cross site scripting

Inserito da Angelo Barbosa | Giu 3, 2025 | CVE

A vulnerability classified as problematic has been found in Profile Builder Plugin up to 3.13.8 on WordPress. This affects the function user_meta/compare of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-4671. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-4671 | Profile Builder Plugin up to 3.13.8 on WordPress Shortcode user_meta/compare cross site scripting

Post correlati

CVE-2025-21627 | GLPI up to 10.0.17 Search Page cross site scripting (GHSA-qm8p-jmj2-qfc2)

CVE-2024-4787 | Cost Calculator Builder Pro Plugin up to 3.1.75 on WordPress Email Sending unknown vulnerability

CVE-2025-21520 | Oracle MySQL Server up to 7.6.32/8.0.40/8.4.3/9.1.0 Options improper authorization

CVE-2024-52675 | SourceCodester Sentiment Based Movie Rating System 1.0 /msrps/movies.php sql injection