Primary

Context

Cozmoslabs Profile Builder Content Spoofing Vulnerability

Vulnerability

Patched

A content spoofing vulnerability has been identified in the Cozmoslabs Profile Builder WordPress plugin, affecting versions through 3.13.8. This vulnerability allows phishing by improperly validating specified quantities in user input, potentially enabling malicious actors to inject deceptive content into website pages and posts.

Impact

Exploitation of this vulnerability could lead to unauthorized content injection, allowing for the creation of phishing pages on the affected website.

Remediation

Users of the Profile Builder WordPress plugin should update to version 3.13.9 or later to address this vulnerability.

Added: Jun 6, 2025, 1:47 PM

Updated: Jun 6, 2025, 4:03 PM

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

0.6

exploitability

7.6

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

0.6

exploitability

7.6

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Cozmoslabs Profile Builder Content Spoofing Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Cozmoslabs Profile Builder

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating