Vulnerabilities > WP User Project > WP User > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-28 | CVE-2021-25034 | Cross-site Scripting vulnerability in WP User Project WP User The WP User WordPress plugin before 7.0 does not sanitise and escape some parameters in pages where the [wp_user] shortcode is used, leading to Reflected Cross-Site Scripting issues | 4.3 |