Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor

11 CVEs affecting Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor. Latest disclosed: 2026-03-31. Critical: 1, High: 1.

Top CVEs affecting Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor
CVE	Severity	Score	Published	Summary
`CVE-2023-2297`	Critical	`9.8`	2023-04-26	The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and includi…
`CVE-2024-0324`	High	`8.2`	2024-02-05	The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized modification…
`CVE-2023-0814`	Medium	`6.5`	2023-02-14	The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to sensitive information disclosure via the [user_meta] shortco…
`CVE-2025-13054`	Medium	`6.4`	2025-11-19	The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scriptin…
`CVE-2025-8896`	Medium	`6.4`	2025-08-16	The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scriptin…
`CVE-2025-4671`	Medium	`6.4`	2025-06-03	The Profile Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's user_meta and compare shortcodes in all versions up to…
`CVE-2025-2314`	Medium	`6.4`	2025-04-16	The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scriptin…
`CVE-2024-12738`	Medium	`6.1`	2025-01-07	The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scriptin…
`CVE-2023-47669`	Medium	`5.4`	2023-11-13	Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin…
`CVE-2026-3139`	Medium	`4.3`	2026-03-31	The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Insecure Direct Object Ref…
`CVE-2023-6504`	Medium	`4.3`	2024-01-11	The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized access of dat…