Vulnerabilidades en wpusermanager
4 resultadosCVE-2026-9290HIGHWP User Manager <= 2.9.17 - Unauthenticated Path Traversal to Local File Inclusion via 'tab' Query ParameterEPSS 2.4%CVE-2025-13320MEDIUMWP User Manager <= 2.9.12 - Authenticated (Subscriber+) Arbitrary File Deletion via 'current_user_avatar' ParameterEPSS 0.7%CVE-2024-10216MEDIUMWP User Manager – User Profile Builder & Membership <= 2.9.11 - Missing Authorization to Carbon Fields Custom Sidebar Addition/RemovalEPSS 0.4%CVE-2024-10537MEDIUMWP User Manager – User Profile Builder & Membership <= 2.9.11 - Missing Authorization to Authenticated (Subscriber+) User Meta Key EnumerationEPSS 0.4%