10up Simple Local Avatars

3 CVEs affecting 10up Simple Local Avatars. Latest disclosed: 2025-08-12. Critical: 0, High: 0.

Top CVEs affecting 10up Simple Local Avatars
CVESeverityScorePublishedSummary
CVE-2025-8482Medium4.32025-08-12The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of data in version 2.8.4. This is due to a missing capability check on…
CVE-2024-10786Medium4.32024-11-16The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the sla_clear_user_cache f…
CVE-2024-43116Medium4.32024-08-26Cross-Site Request Forgery (CSRF) vulnerability in 10up Simple Local Avatars.This issue affects Simple Local Avatars: from n/a through 2.7.10.