56 matches found
CVE-2026-25357
Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through = 13.7...
EUVD-2026-15677
Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through = 13.7...
CVE-2026-25357
Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through = 13.7...
CVE-2026-25357 WordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through = 13.7...
CVE-2026-25357
CVE-2026-25357 describes an authentication bypass in azzaroco Ultimate Membership Pro (indeed-membership-pro) for WordPress, allowing authentication abuse via an alternate path or channel. The issue affects versions n/a through 13.7; CVSSv3.1 base score 8.1 (HIGH) with NETWORK attack vector, LOW ...
CVE-2026-25357 WordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through = 13.7...
WordPress plugin Ultimate Membership Pro 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
PT-2026-27918
Name of the Vulnerable Software and Affected Versions azzaroco Ultimate Membership Pro versions n/a through 13.7 Description An authentication bypass issue exists in azzaroco Ultimate Membership Pro indeed-membership-pro, allowing for authentication abuse. The issue involves using an alternate pa...
WordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerability
Account Takeover vulnerability discovered by Phat RiO in WordPress Plugin Ultimate Membership Pro versions = 13.7...
EUVD-2024-40134
Malicious code in bioql PyPI...
EUVD-2024-40135
Malicious code in bioql PyPI...
EUVD-2024-40133
Malicious code in bioql PyPI...
CVE-2024-43242
Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro.This issue affects Ultimate Membership Pro: from n/a through = 12.7...
CVE-2024-43240
Improper Authentication vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro.This issue affects Ultimate Membership Pro: from n/a through = 12.7...
CVE-2024-43241
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro.This issue affects Ultimate Membership Pro: from n/a through = 12.7...
The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system allows a hacker to increase their privileges.
The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system is related to insecure management of privileges. Exploiting this vulnerability can allow a hacker to increase their privileges...
The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system, related to deserialization mechanism flaws, allows a hacker to execute arbitrary code.
The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2020-36832
The CVE-2020-36832 entry concerns the WordPress plugin Ultimate Membership Pro. Affects versions 7.3 through 8.6 (inclusive). The underlying issue is an authentication bypass that enables unauthenticated attackers to log in as any user, including the site administrator (default user ID 1) via use...
CVE-2020-36832 Indeed Membership Pro 7.3 - 8.6 - Authentication Bypass
The Ultimate Membership Pro plugin for WordPress is vulnerable to Authentication Bypass in versions between, and including, 7.3 to 8.6. This makes it possible for unauthenticated attackers to login as any user, including the site administrator with a default user ID of 1, via the username or user...
CVE-2020-36832 Indeed Membership Pro 7.3 - 8.6 - Authentication Bypass
The Ultimate Membership Pro plugin for WordPress is vulnerable to Authentication Bypass in versions between, and including, 7.3 to 8.6. This makes it possible for unauthenticated attackers to login as any user, including the site administrator with a default user ID of 1, via the username or user...