CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Cozmoslabs: >> Profile Builder >> 3.11.9 Security Vulnerabilities

CVE-2024-6708

The User Profile Builder WordPress plugin before 3.12.2 does not sanitise and escape some parameters before outputting its content on the admin area, which allows Admin+ users to perform Cross-Site Scripting attacks.

CVSS Score

4.8

EPSS Score

0.0

Published

2025-05-15

Page 1

Vulnerabilities

Vulnerable Software

Cozmoslabs: >> Profile Builder >> 3.11.9 Security Vulnerabilities

Products

Pricing

Contact Us