CVE-2021-24170

HIGH EXPLOITED NUCLEI

Cozmoslabs User Profile Picture < 2.5.0 - Information Disclosure

Title source: rule

Description

The REST API endpoint get_users in the User Profile Picture WordPress plugin before 2.5.0 returned more information than was required for its functionality to users with the upload_files capability. This included password hashes, hashed user activation keys, usernames, emails, and other less sensitive information.

Nuclei Templates (1)

User Profile Picture < 2.5.0 - Sensitive Information Disclosure

HIGHby s4e-io

FOFA: body="/wp-content/plugins/metronet-profile-picture"

References (2)

[Exploit, Third Party Advisory] https://wpscan.com/vulnerability/29fc5b0e-0a5f-4484-a1e6-a0a1206726cc

[Third Party Advisory] https://www.wordfence.com/blog/2021/03/medium-severity-vulnerability-patched-in-user-profile-picture-plugin/

Scores

CVSS v3 7.5

EPSS 0.4215

EPSS Percentile 97.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2022-12-05

CWE

CWE-200

Status published

Products (1)

cozmoslabs/user_profile_picture < 2.5.0

Published Apr 05, 2021

Tracked Since Feb 18, 2026