User Meta – User Profile Builder and User management plugin

Information

Software Type Plugin
Software Slug user-meta (view on wordpress.org)
Software Status Removed
Software Author khaledsaikat
Software Website user-meta.com
Software Downloads 173,082
Software Active Installs 1,000
Software Record Last Updated December 14, 2024

5 Vulnerabilities

Title Status CVE ID CVSS Researchers Date
User Meta – User Profile Builder and User management plugin <= 3.1 - Insecure Direct Object Reference to Sensitive Information Exposure Unpatched CVE-2024-9262 6.5 wesley (wcraft) November 8, 2024
User Meta <= 3.0 - Unauthenticated Sensitive Information Exposure Patched CVE-2024-33575 5.3 stealthcopter April 25, 2024
User Meta – User Profile Builder and User management plugin <= 2.4.3 - Path Traversal Patched CVE-2022-0779 4.3 Julien Ahrens May 16, 2022
User Meta <= 2.4.2 - Authenticated (Admin+) Cross-Site Scripting Patched CVE-2022-0376 5.5 Niraj Mahajan May 9, 2022
User Meta – User Profile Builder and User management plugin 1.1.1 - Arbitrary File Upload Patched 6.5 Adrien Thierry August 1, 2014

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation