VYPR

Media Manager for UserPro

by WordPress

CVEs (2)

  • CVE-2024-12822CriJan 30, 2025
    risk 0.64cvss 9.8epss 0.01

    The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the add_capto_img() function in all versions up to, and including, 3.11.0. This makes it possible for…

  • CVE-2024-12821HigJan 30, 2025
    risk 0.57cvss 8.8epss 0.00

    The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the upm_upload_media() function in all versions up to, and including, 3.12.0. This makes it possible…