CVE-2026-3629 | carazo Import and Export Users and Customers Plugin up to 1.29.7 on WordPress save_extra_user_profile_fields privileges management

Inserito da Angelo Barbosa | Mar 22, 2026 | CVE

A vulnerability was found in carazo Import and Export Users and Customers Plugin up to 1.29.7 on WordPress. It has been classified as critical. Affected by this vulnerability is the function save_extra_user_profile_fields. The manipulation leads to improper privilege management.

This vulnerability is referenced as CVE-2026-3629. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is recommended.

CVE-2026-3629 | carazo Import and Export Users and Customers Plugin up to 1.29.7 on WordPress save_extra_user_profile_fields privileges management

Post correlati

CVE-2023-51820 | Blurams Lumi Security Camera 2.3.38.12558 Local Privilege Escalation

CVE-2025-34119 | Tinasoft EasyCafe Server 2.2.14 exposure of resource (EDB-39102)

CVE-2024-30314 | Adobe Dreamweaver Desktop up to 21.3 os command injection (apsb24-39)

CVE-2024-35538 | Typecho 1.3.0 Handler X-Forwarded-For unknown vulnerability