Vulnerabilities in youzify
8 resultsCVE-2024-4742MEDIUMYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.2.5 - Authenticated (Contributor+) SQL InjectionEPSS 0.5%CVE-2024-13370MEDIUMYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.3 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update (save_addon_key_license)EPSS 0.4%CVE-2024-13368MEDIUMYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options UpdateEPSS 0.3%CVE-2024-12113MEDIUMYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress By KaineLabs <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Review DeletionEPSS 0.3%CVE-2024-9067MEDIUMYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.0 - Missing Authorization to Arbitrary (Subscriber+) Attachment DeletionEPSS 0.3%CVE-2024-8987MEDIUMYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via youzify_media ShortcodeEPSS 0.3%CVE-2026-1559MEDIUMYouzify <= 1.3.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'checkin_place_id' ParameterEPSS 0.2%CVE-2025-69014MEDIUMWordPress Youzify plugin <= 1.3.7 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.1%