Lucene search

CVE-2020-36157

🗓️ 04 Jan 2021 18:13:15Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 43 Views

An issue in Ultimate Member plugin for WordPress, allowing unauthenticated privilege escalation

Reporter	Title	Published	Views	Family All 8
wpexploit	Ultimate Member < 2.1.12 - Unauthenticated Privilege Escalation via User Roles	9 Nov 202000:00	–	wpexploit
WPVulnDB	Ultimate Member < 2.1.12 - Unauthenticated Privilege Escalation via User Roles	9 Nov 202000:00	–	wpvulndb
Prion	Privilege escalation	4 Jan 202118:15	–	prion
Cvelist	CVE-2020-36157	4 Jan 202117:22	–	cvelist
RedhatCVE	CVE-2020-36157	5 Feb 202515:08	–	redhatcve
OSV	CVE-2020-36157	4 Jan 202118:15	–	osv
NVD	CVE-2020-36157	4 Jan 202118:15	–	nvd
OpenVAS	WordPress Ultimate Member Plugin <= 2.1.11 Multiple Privilege Escalation Vulnerabilities	10 Nov 202000:00	–	openvas

Nvd

Node

ultimatemember ultimate_memberRange<2.1.12wordpress

Source	Link
wordpress	www.wordpress.org/plugins/ultimate-member/
wordfence	www.wordfence.com/blog/2020/11/critical-privilege-escalation-vulnerabilities-affect-100k-sites-using-ultimate-member-plugin/
wpscan	www.wpscan.com/vulnerability/33f059c5-58e5-44b9-bb27-793c3cedef3b

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Jan 2021 18:15Current

9.3High risk

Vulners AI Score9.3

CVSS27.5

CVSS39.8 - 10

EPSS0.00725