CVE-2025-8896 | User Profile Builder Plugin up to 3.14.3 on WordPress GDPR Communication Preferences gdpr_communication_preferences cross site scripting

Inserito da Angelo Barbosa | Ago 15, 2025 | CVE

A vulnerability, which was classified as problematic, was found in User Profile Builder Plugin up to 3.14.3 on WordPress. Affected is the function gdpr_communication_preferences of the component GDPR Communication Preferences Module. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-8896. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-8896 | User Profile Builder Plugin up to 3.14.3 on WordPress GDPR Communication Preferences gdpr_communication_preferences cross site scripting

Post correlati

CVE-2024-12032 | Tourfic Plugin up to 2.15.3 on WordPress sql injection

CVE-2024-57509 | Axiomatic Bento4 mp42avc AP4_File::ParseStream buffer overflow

CVE-2023-3410 | Bricks Plugin up to 1.10.1 on WordPress cross site scripting

CVE-2024-46979 | xwiki-platform NotificationFilterPreferenceLivetableResults information disclosure (GHSA-pg4m-3gp6-hw4w)