Vulnerabilities > Userproplugin > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-06-04 CVE-2024-35700 Unspecified vulnerability in Userproplugin Userpro
Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8.
network
low complexity
userproplugin
critical
9.8
2023-11-22 CVE-2023-2449 Unspecified vulnerability in Userproplugin Userpro
The UserPro plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 5.1.1.
network
low complexity
userproplugin
critical
9.8