Vulnerabilities > Cozmoslabs > Profile Builder > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-05 | CVE-2024-0324 | Missing Authorization vulnerability in Cozmoslabs Profile Builder The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wppb_two_factor_authentication_settings_update' function in all versions up to, and including, 3.10.8. | 7.5 |
| 2024-01-31 | CVE-2024-22140 | Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a through 3.10.0. | 8.8 |
| 2024-01-24 | CVE-2024-22141 | Information Exposure vulnerability in Cozmoslabs Profile Builder Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a through 3.10.0. | 7.5 |
| 2023-11-13 | CVE-2023-47669 | Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.10.3 versions. | 8.8 |
| 2023-04-27 | CVE-2023-2297 | Improper Authentication vulnerability in Cozmoslabs Profile Builder The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 3.9.0. | 8.1 |