Lucene search
K

56 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 5:3 p.m.4 views

CVE-2026-25357

Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through = 13.7...

8.1CVSS5.8AI score0.00342EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.3 views

EUVD-2026-15677

Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through = 13.7...

5.8AI score0.00342EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:16 p.m.1 views

CVE-2026-25357

Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through = 13.7...

8.1CVSS0.00342EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.1 views

CVE-2026-25357 WordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through = 13.7...

8.1CVSS5.8AI score0.00342EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.5 views

CVE-2026-25357

CVE-2026-25357 describes an authentication bypass in azzaroco Ultimate Membership Pro (indeed-membership-pro) for WordPress, allowing authentication abuse via an alternate path or channel. The issue affects versions n/a through 13.7; CVSSv3.1 base score 8.1 (HIGH) with NETWORK attack vector, LOW ...

8.1CVSS5.8AI score0.00342EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.27 views

CVE-2026-25357 WordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through = 13.7...

8.1CVSS0.00342EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.4 views

WordPress plugin Ultimate Membership Pro 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.1CVSS5.8AI score0.00342EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.3 views

PT-2026-27918

Name of the Vulnerable Software and Affected Versions azzaroco Ultimate Membership Pro versions n/a through 13.7 Description An authentication bypass issue exists in azzaroco Ultimate Membership Pro indeed-membership-pro, allowing for authentication abuse. The issue involves using an alternate pa...

8.1CVSS5.9AI score0.00342EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/03/23 1:57 p.m.3 views

WordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Phat RiO in WordPress Plugin Ultimate Membership Pro versions = 13.7...

8.1CVSS5.8AI score0.00342EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-40134

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00255EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-40135

Malicious code in bioql PyPI...

10CVSS6.7AI score0.00536EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-40133

Malicious code in bioql PyPI...

9.8CVSS6.7AI score0.00549EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:56 p.m.6 views

CVE-2024-43242

Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro.This issue affects Ultimate Membership Pro: from n/a through = 12.7...

10CVSS6AI score0.00536EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:48 p.m.4 views

CVE-2024-43240

Improper Authentication vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro.This issue affects Ultimate Membership Pro: from n/a through = 12.7...

9.8CVSS6AI score0.00549EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:39 p.m.6 views

CVE-2024-43241

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro.This issue affects Ultimate Membership Pro: from n/a through = 12.7...

7.1CVSS5.9AI score0.00255EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.5 views

The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system allows a hacker to increase their privileges.

The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system is related to insecure management of privileges. Exploiting this vulnerability can allow a hacker to increase their privileges...

10CVSS5.8AI score0.00549EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.4 views

The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system, related to deserialization mechanism flaws, allows a hacker to execute arbitrary code.

The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS6.3AI score0.00536EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/10/16 6:43 a.m.47 views

CVE-2020-36832

The CVE-2020-36832 entry concerns the WordPress plugin Ultimate Membership Pro. Affects versions 7.3 through 8.6 (inclusive). The underlying issue is an authentication bypass that enables unauthenticated attackers to log in as any user, including the site administrator (default user ID 1) via use...

9.8CVSS9.5AI score0.00671EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/16 6:43 a.m.22 views

CVE-2020-36832 Indeed Membership Pro 7.3 - 8.6 - Authentication Bypass

The Ultimate Membership Pro plugin for WordPress is vulnerable to Authentication Bypass in versions between, and including, 7.3 to 8.6. This makes it possible for unauthenticated attackers to login as any user, including the site administrator with a default user ID of 1, via the username or user...

9.8CVSS0.00671EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/16 6:43 a.m.23 views

CVE-2020-36832 Indeed Membership Pro 7.3 - 8.6 - Authentication Bypass

The Ultimate Membership Pro plugin for WordPress is vulnerable to Authentication Bypass in versions between, and including, 7.3 to 8.6. This makes it possible for unauthenticated attackers to login as any user, including the site administrator with a default user ID of 1, via the username or user...

9.8CVSS7AI score0.00671EPSS
Exploits0References3
Rows per page
Query Builder