214 matches found
CVE-2025-1475
The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.5. This is due to insufficient verification on the 'userphone' parameter when logging in. This makes it possible for unauthenticated attackers to log in as any existing user on t...
CVE-2025-1475 WPCOM Member <= 1.7.5 - Authentication Bypass via 'user_phone'
The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.5. This is due to insufficient verification on the 'userphone' parameter when logging in. This makes it possible for unauthenticated attackers to log in as any existing user on t...
CVE-2025-1475 WPCOM Member <= 1.7.5 - Authentication Bypass via 'user_phone'
The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.5. This is due to insufficient verification on the 'userphone' parameter when logging in. This makes it possible for unauthenticated attackers to log in as any existing user on t...
CVE-2025-1702
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 2.10.0 due to insufficient escaping on the user suppli...
CVE-2025-1702
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 2.10.0 due to insufficient escaping on the user suppli...
CVE-2025-1702 Ultimate Member <= 2.10.0 - Unauthenticated SQL Injection via search Parameter
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 2.10.0 due to insufficient escaping on the user suppli...
CVE-2024-12276 Ultimate Member <= 2.9.2 - Authenticated SQL Injection
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to second-order SQL Injection via filenames in all versions up to, and including, 2.9.2 due to insufficient escaping on the user supplied parameter...
CVE-2024-12276 Ultimate Member <= 2.9.2 - Authenticated SQL Injection
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to second-order SQL Injection via filenames in all versions up to, and including, 2.9.2 due to insufficient escaping on the user supplied parameter...
WordPress Ultimate Member plugin <= 2.9.2 - Authenticated SQL Injection vulnerability
Authenticated SQL Injection vulnerability discovered by tiborisaak in WordPress Plugin Ultimate Member versions = 2.9.2...
CVE-2022-3383
The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the getoptionvaluefromcallback function that accepts user supplied input and passes it through calluserfunc. This makes it possible for authenticated attackers, with...
CVE-2020-36156
An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Authenticated Privilege Escalation via Profile Update. Any user with wp-admin access to the profile.php page could supply the parameter um-role with a value set to any role e.g., Administrator during a profile...
CVE-2020-36157
An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Roles. Due to the lack of filtering on the role parameter that could be supplied during the registration process, an attacker could supply the role parameter with a...
CVE-2020-36155
An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Meta. An attacker could supply an array parameter for sensitive metadata, such as the wpcapabilities user meta that defines a user's role. During the registration...
CVE-2024-7493
The WPCOM Member plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.5.2.1. This is due to the plugin allowing arbitrary data to be passed to wpinsertuser during registration. This makes it possible for unauthenticated attackers to update their role ...
CVE-2024-2123
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in all versions up to, and including, 2.8.3 due to insufficient input sanitization and...
CVE-2025-0318
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This makes it possible for...
CVE-2025-0308
The CVE covers WordPress plugin Ultimate Member (versions up to 2.9.1) with a time-based SQL Injection via the search parameter caused by insufficient escaping and lack of proper query preparation, enabling unauthenticated attackers to append SQL to existing queries to extract data. Some connecte...
CVE-2025-0318 Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.9.1 - Information Exposure
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This makes it possible for...
CVE-2025-0318 Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.9.1 - Information Exposure
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This makes it possible for...
PT-2025-3823 · WordPress · The Ultimate Member
Name of the Vulnerable Software and Affected Versions: The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress versions up to, and including, 2.9.1 Description: The issue is related to time-based SQL Injection via the...