Vulnerabilidades em Cozmoslabs
42 resultadosCVE-2022-0653MEDIUMProfile Builder – User Profile & User Registration Forms <= 3.6.1 Reflected Cross-Site ScriptingEPSS 2.7%CVE-2024-0324HIGHUser Profile Builder <= 3.10.8 - Missing Authorization to Plugin Settings Change via wppb_two_factor_authentication_settings_updateEPSS 2.4%CVE-2023-2297CRITICALProfile Builder – User Profile & User Registration Forms <= 3.9.0 - Insecure Password Reset MechanismEPSS 1.0%CVE-2023-0814MEDIUMProfile Builder – User Profile & User Registration Forms <= 3.9.0 - Sensitive Information Disclosure via ShortcodeEPSS 0.8%CVE-2025-30773HIGHWordPress TranslatePress plugin <= 2.9.6 - PHP Object Injection VulnerabilityEPSS 0.7%CVE-2024-12919CRITICALPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.7 - Authentication Bypass via pms_payment_idEPSS 0.5%CVE-2024-1390MEDIUMPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via creating_pricing_table_pageEPSS 0.5%CVE-2025-8895CRITICALWP Webhooks <= 3.3.5 - Unauthenticated Arbitrary File CopyEPSS 0.5%CVE-2024-1389MEDIUMPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via pms_stripe_connect_handle_authorization_returnEPSS 0.5%CVE-2024-22141MEDIUMWordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Sensitive Data ExposureEPSS 0.5%CVE-2026-7647HIGHProfile Builder Pro <= 3.14.5 - Unauthenticated PHP Object InjectionEPSS 0.5%CVE-2024-11291MEDIUMPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.4 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.5%CVE-2024-10261HIGHPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.0 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.4%CVE-2025-54017HIGHWordPress Paid Member Subscriptions <= 2.15.4 - Local File Inclusion VulnerabilityEPSS 0.4%CVE-2024-5639MEDIUMUser Profile Picture <= 2.6.1 - Authenticated (Author+) Insecure Direct Object Reference to Profile Picture UpdateEPSS 0.4%CVE-2026-27413CRITICALWordPress Profile Builder Pro plugin < 3.14.0 - SQL Injection vulnerabilityEPSS 0.4%CVE-2024-12738MEDIUMUser Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.12.9 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.4%CVE-2025-66073HIGHWordPress WP Webhooks plugin <= 3.3.8 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2024-9222MEDIUMPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.12.8 - Reflected Cross-Site ScriptingEPSS 0.4%CVE-2023-6504MEDIUMProfile Builder <= 3.10.7 - Insecure Direct Object Reference to Sensitive Information Exposure via user_meta ShortcodeEPSS 0.3%