CVE Tools

cozmoslabs

Web & CMS Pluginscommercial

17

Cumulative CVEs

5

Monthly snapshots

#107

Peak rank

Top products

translatepress1 user profile builder – beautiful user registration forms, user profiles & user role editor1 paid membership subscriptions – effortless memberships, recurring payments & content restriction1

Latest CVEs

The 15 most recently published vulnerabilities affecting cozmoslabs.

CVE-2026-42385WordPress Profile Builder Pro plugin <= 3.15.0 - Cross Site Scripting (XSS) vulnerability7.1Jun 17, 2026
CVE-2026-39514WordPress Paid Member Subscriptions plugin <= 2.17.3 - Reflected Cross Site Scripting (XSS) vulnerability7.1Jun 15, 2026
CVE-2026-7647Profile Builder Pro <= 3.14.5 - Unauthenticated PHP Object Injection8.1May 2, 2026
CVE-2026-3139User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.15.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Post Author Reassignment via Avatar Field4.3Mar 31, 2026
CVE-2026-27413WordPress Profile Builder Pro plugin < 3.14.0 - SQL Injection vulnerability9.3Mar 19, 2026
CVE-2025-68514WordPress Paid Member Subscriptions plugin <= 2.16.8 - Insecure Direct Object References (IDOR) vulnerability6.5Feb 20, 2026
CVE-2025-66074WordPress WP Webhooks plugin <= 3.3.8 - Arbitrary File Upload vulnerability9.0Dec 18, 2025
CVE-2025-66073WordPress WP Webhooks plugin <= 3.3.8 - PHP Object Injection vulnerability7.2Nov 21, 2025
CVE-2025-13054User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.14.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4Nov 19, 2025
CVE-2025-58592WordPress TranslatePress Plugin <= 2.10.2 - Deserialization of untrusted data Vulnerability8.1Nov 6, 2025
CVE-2025-11835Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.16.4 - Missing Authorization to Unauthenticated Arbitrary Member Subscription Auto Renewal5.3Nov 5, 2025
CVE-2025-58600WordPress Paid Member Subscriptions Plugin <= 2.15.9 - Broken Access Control Vulnerability5.3Sep 3, 2025
CVE-2025-8895WP Webhooks <= 3.3.5 - Unauthenticated Arbitrary File Copy9.8Aug 21, 2025
CVE-2025-54017WordPress Paid Member Subscriptions <= 2.15.4 - Local File Inclusion Vulnerability7.5Aug 20, 2025
CVE-2025-8896User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.14.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting6.4Aug 16, 2025