Vanquish User Extra Fields
4 CVEs affecting Vanquish User Extra Fields. Latest disclosed: 2026-02-20. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-69376 | High | 8.6 | 2026-02-20 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Path Tra… |
CVE-2025-69377 | High | 7.7 | 2026-02-20 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Path Tra… |
CVE-2025-67991 | High | 7.1 | 2026-02-20 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Re… |
CVE-2025-67579 | Medium | 5.3 | 2025-12-09 | Missing Authorization vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Exploiting Incorrectly Configured Access Control Security Levels… |