CVE-2025-4187 | UserPro Plugin up to 5.1.10 on WordPress userpro_fbconnect path traversal

June 13, 2025 Yanac

A vulnerability, which was classified as critical, was found in UserPro Plugin up to 5.1.10 on WordPress. This affects the function userpro_fbconnect. The manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2025-4187. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-6070 | Restrict File Access Plugin up to 1.1.2 on WordPress output path traversal
CVE-2025-5487 | AutomatorWP Plugin up to 5.2.3/5.2.5 on WordPress field_conditions sql injection