CVE-2020-36156

🗓️ 04 Jan 2021 18:13:15Reported by [email protected]Type

Issue in Ultimate Member plugin for WordPress allowing authenticated privilege escalation via profile updat

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
RedhatCVE	CVE-2020-36156	5 Feb 202515:09	–	redhatcve
WPVulnDB	Ultimate Member < 2.1.12 - Authenticated Privilege Escalation via Profile Update	9 Nov 202000:00	–	wpvulndb
wpexploit	Ultimate Member < 2.1.12 - Authenticated Privilege Escalation via Profile Update	9 Nov 202000:00	–	wpexploit
OSV	CVE-2020-36156	4 Jan 202118:15	–	osv
Cvelist	CVE-2020-36156	4 Jan 202117:22	–	cvelist
Prion	Privilege escalation	4 Jan 202118:15	–	prion
CVE	CVE-2020-36156	4 Jan 202118:15	–	cve
OpenVAS	WordPress Ultimate Member Plugin <= 2.1.11 Multiple Privilege Escalation Vulnerabilities	10 Nov 202000:00	–	openvas

Nvd

Node

ultimatemember ultimate_memberRange<2.1.12wordpress

Source	Link
wpscan	www.wpscan.com/vulnerability/dd4c4ece-7206-4788-8747-f0c0f3ab0a53
wordpress	www.wordpress.org/plugins/ultimate-member/
wordfence	www.wordfence.com/blog/2020/11/critical-privilege-escalation-vulnerabilities-affect-100k-sites-using-ultimate-member-plugin/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Jan 2021 18:15Current

9.6High risk

Vulners AI Score9.6

CVSS26.5

CVSS38.8

EPSS0.00694

CWE-269