VYPR

Userback

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-14540MedDec 13, 2025
    risk 0.28cvss 4.3epss 0.00

    The Userback plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the userback_get_json function in all versions up to, and including, 1.0.15. This makes it possible for authenticated attackers, with Subscriber-level access and…

  • CVE-2023-46089MedOct 22, 2023
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Lee Le @ Userback Userback plugin <= 1.0.13 versions.