CVE-2026-9290 | wpusermanager WP User Manager Plugin up to 2.9.17 on WordPress User Profile path traversal

A vulnerability classified as critical was found in wpusermanager WP User Manager Plugin up to 2.9.17 on WordPress. This impacts an unknown function of the component User Profile Handler. Such manipulation leads to path traversal.

This vulnerability is documented as CVE-2026-9290. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More