Kainelabs

Youzify

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-13368

  • EPSS 0.19%
  • Veröffentlicht 25.01.2025 08:15:08
  • Zuletzt bearbeitet 04.02.2025 19:39:27

The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the youzify_offer_banner() function in all versions up t...

6.5

CVE-2024-13370

  • EPSS 0.25%
  • Veröffentlicht 25.01.2025 08:15:08
  • Zuletzt bearbeitet 04.02.2025 19:38:23

The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the save_addon_key_license() function in all versions up...

4.3

CVE-2024-12113

  • EPSS 0.19%
  • Veröffentlicht 25.01.2025 08:15:07
  • Zuletzt bearbeitet 28.05.2025 20:40:11

The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_user_review() and delete_review() funct...

8.8

CVE-2024-39635

  • EPSS 0.23%
  • Veröffentlicht 01.11.2024 15:15:36
  • Zuletzt bearbeitet 28.05.2025 20:57:40

Missing Authorization vulnerability in KaineLabs Youzify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Youzify: from n/a through 1.2.6.

4.3

CVE-2024-9067

  • EPSS 0.21%
  • Veröffentlicht 10.10.2024 03:15:02
  • Zuletzt bearbeitet 15.10.2024 14:31:21

The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'delete_attachment' function in all ve...

5.4

CVE-2024-8987

  • EPSS 0.39%
  • Veröffentlicht 10.10.2024 02:15:03
  • Zuletzt bearbeitet 15.10.2024 13:45:29

The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's youzify_media shortcode in all versions up to, and including, 1.3.0 ...

8.8

CVE-2024-37494

  • EPSS 1.27%
  • Veröffentlicht 09.07.2024 09:15:03
  • Zuletzt bearbeitet 21.11.2024 09:23:56

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in KaineLabs Youzify.This issue affects Youzify: from n/a through 1.2.5.

8.8

CVE-2024-4742

  • EPSS 0.61%
  • Veröffentlicht 20.06.2024 02:15:11
  • Zuletzt bearbeitet 21.11.2024 09:43:30

The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the order_by shortcode attribute in all versions up to, and including, 1.2.5 due to insufficien...

6.1

CVE-2024-2864

  • EPSS 0.08%
  • Veröffentlicht 25.03.2024 11:15:45
  • Zuletzt bearbeitet 28.05.2025 18:50:59

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KaineLabs Youzify - Buddypress Moderation.This issue affects Youzify - Buddypress Moderation: from n/a through 1.2.5.

6.5

CVE-2023-47191

  • EPSS 0.17%
  • Veröffentlicht 21.12.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:29:55

Authorization Bypass Through User-Controlled Key vulnerability in KaineLabs Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress.This issue affects Youzify – BuddyPress Community, User Profile, Social Network...