Vulnerabilities > Wpusermanager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-23 | CVE-2024-10216 | Missing Authorization vulnerability in Wpusermanager WP User Manager The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'add_sidebar' and 'remove_sidebar' functions in all versions up to, and including, 2.9.11. | 4.3 |
| 2024-11-23 | CVE-2024-10537 | Missing Authorization vulnerability in Wpusermanager WP User Manager The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the validate_user_meta_key() function in all versions up to, and including, 2.9.11. | 4.3 |
| 2024-08-26 | CVE-2024-43336 | Cross-Site Request Forgery (CSRF) vulnerability in Wpusermanager WP User Manager Cross-Site Request Forgery (CSRF) vulnerability in WP User Manager.This issue affects WP User Manager: from n/a through 2.9.10. | 4.3 |