Vulnerabilities in WP User Manager

3 results

CVE-2026-49766CRITICALWordPress WP User Manager plugin <= 2.9.16 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2025-60245CRITICALWordPress WP User Manager plugin <= 2.9.12 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2024-43336MEDIUMWordPress WP User Manager – User Profile Builder & Membership plugin <= 2.9.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%