CVE-2024-1071

🗓️ 13 Mar 2024 15:26:32Reported by WordfenceType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 228 Views🌐 WEB

Ultimate Member WordPress plugin 2.1.3-2.8.2 SQL Injection vulnerabilit

Reporter	Title	Published	Views	Family All 29
GithubExploit	Exploit for SQL Injection in Ultimatemember Ultimate_Member	15 Sep 202411:28	–	githubexploit
GithubExploit	Exploit for SQL Injection in Ultimatemember Ultimate_Member	30 Aug 202404:23	–	githubexploit
GithubExploit	Exploit for SQL Injection in Ultimatemember Ultimate_Member	1 Nov 202414:57	–	githubexploit
GithubExploit	Exploit for SQL Injection in Ultimatemember Ultimate_Member	18 Mar 202416:58	–	githubexploit
GithubExploit	Exploit for SQL Injection in Ultimatemember Ultimate_Member	30 Aug 202404:23	–	githubexploit
GithubExploit	Exploit for SQL Injection in Ultimatemember Ultimate_Member	27 Feb 202411:41	–	githubexploit
BDU FSTEC	The vulnerability of the Ultimate Member plugin for the WordPress content management system allows a hacker to execute arbitrary SQL queries against the database.	29 Feb 202400:00	–	bdu_fstec
Circl	CVE-2024-1071	27 Feb 202406:46	–	circl
CNNVD	WordPress Plugin Ultimate Member Security Vulnerability	13 Mar 202400:00	–	cnnvd
Cvelist	CVE-2024-1071	13 Mar 202415:26	–	cvelist

NVD

Vulners

Vulnrichment

Node

ultimatemember ultimate_memberRange2.1.3–2.8.3wordpress

[
  {
    "vendor": "ultimatemember",
    "product": "Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin",
    "versions": [
      {
        "version": "2.1.3",
        "status": "affected",
        "lessThanOrEqual": "2.8.2",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/005fa621-3c49-4c23-add5-d6b7a9110055
plugins	www.plugins.trac.wordpress.org/changeset/3038036/ultimate-member/trunk/includes/core/class-member-directory-meta.php
plugins	www.plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php
wordpress	www.wordpress.org/plugins/ultimate-member/
plugins	www.plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php
plugins	www.plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php

Parameter	Position	Path	Description	CWE
action	request body	/wp-admin/admin-ajax.php	SQL Injection via unsanitized sorting parameter in Ultimate Member plugin allowing unauthenticated users to inject SQL when using admin-ajax.php with action=um_get_members and enabling the related setting.	CWE-89
nonce	request body	/wp-admin/admin-ajax.php	SQL Injection via unsanitized sorting parameter in Ultimate Member plugin allowing unauthenticated users to inject SQL when using admin-ajax.php with action=um_get_members and enabling the related setting.	CWE-89
directory_id	request body	/wp-admin/admin-ajax.php	SQL Injection via unsanitized sorting parameter in Ultimate Member plugin allowing unauthenticated users to inject SQL when using admin-ajax.php with action=um_get_members and enabling the related setting.	CWE-89
sorting	request body	/wp-admin/admin-ajax.php	SQL Injection via unsanitized sorting parameter in Ultimate Member plugin allowing unauthenticated users to inject SQL when using admin-ajax.php with action=um_get_members and enabling the related setting.	CWE-89

17 Jun 2026 07:03Current

9.6High risk

Vulners AI Score9.6

CVSS 3.19.8

EPSS0.89431

SSVC

CWE-89