Description

WordPress Plugin User Avatar is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin User Avatar version 1.4.6 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.4.7 or latest

References

https://wordpress.org/plugins/user-avatar/changelog/

Related Vulnerabilities

WordPress 5.6.x PHP Object Injection (5.6 - 5.6.3)

WordPress Plugin WP Ultimate Exporter SQL Injection (1.1)

WordPress CVE-2012-2400 Vulnerability (CVE-2012-2400)

WordPress Plugin NextGEN Pro Cross-Site Scripting (3.1.9)

WordPress Plugin Events Calendar 'ec_management.class.php' Cross-Site Scripting (6.7.11)

Severity

High

Tags

Missing Update