Kainelabs Youzify
13 CVEs affecting Kainelabs Youzify. Latest disclosed: 2025-01-25. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-1950 | Critical | 9.8 | 2022-08-01 | The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthent… |
CVE-2024-37494 | High | 8.5 | 2024-07-09 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in KaineLabs Youzify.This issue affects Youzify: from n/a th… |
CVE-2024-2864 | High | 7.3 | 2024-03-25 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KaineLabs Youzify - Buddypress Moderation.This issue affe… |
CVE-2024-13370 | Medium | 6.5 | 2025-01-25 | The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized access du… |
CVE-2024-4742 | Medium | 6.5 | 2024-06-20 | The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the… |
CVE-2023-47191 | Medium | 6.5 | 2023-12-21 | Authorization Bypass Through User-Controlled Key vulnerability in KaineLabs Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin fo… |
CVE-2024-8987 | Medium | 6.4 | 2024-10-10 | The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scri… |
CVE-2024-39635 | Medium | 5.4 | 2024-11-01 | Missing Authorization vulnerability in KaineLabs Youzify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Youzify: fr… |
CVE-2023-0059 | Medium | 5.4 | 2023-02-21 | The Youzify WordPress plugin before 1.2.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the sh… |
CVE-2021-24443 | Medium | 5.4 | 2021-08-02 | The About Me widget of the Youzify – BuddyPress Community, User Profile, Social Network & Membership WordPress plugin before 1.0.7 does not properly sanitise i… |
CVE-2024-13368 | Medium | 4.3 | 2025-01-25 | The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized access du… |
CVE-2024-12113 | Medium | 4.3 | 2025-01-25 | The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized loss of d… |
CVE-2024-9067 | Medium | 4.3 | 2024-10-10 | The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modificat… |