CVE-2026-3139 | cozmoslabs User Profile Builder Plugin up to 3.15.5 on WordPress wppb_save_avatar_value authorization

A vulnerability marked as critical has been reported in cozmoslabs User Profile Builder Plugin up to 3.15.5 on WordPress. This affects the function wppb_save_avatar_value. Performing a manipulation results in authorization bypass.

This vulnerability is identified as CVE-2026-3139. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More