Lucene search
K

8 matches found

Patchstack
Patchstack
added 2026/06/23 12:0 a.m.5 views

WordPress Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin <= 2.11.4 - Authenticated (Contributor+) Account Takeover vulnerability

Authenticated Contributor+ Account Takeover vulnerability discovered by tiborisaak in WordPress Plugin Ultimate Member versions = 2.11.4...

8.8CVSS5.8AI score0.00499EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.29 views

CVE-2026-39659

...

0.00037EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:42 a.m.7 views

CVE-2018-20965

The ultimate-member plugin before 2.0.4 for WordPress has XSS...

6.1CVSS7.1AI score0.01037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:57 a.m.11 views

CVE-2016-10872

The ultimate-member plugin before 1.3.40 for WordPress has XSS on the login form...

6.1CVSS6.2AI score0.01046EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/04 12:0 a.m.15 views

WordPress Ultimate Member Plugin <= 2.8.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ultimate Member Type Plugin Vulnerable versions = 2.8.6 Fixed in 2.8.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-8520 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 7e0506c6b50a Credits Jack Taylor Required...

5.3CVSS6.7AI score0.00314EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2022/07/12 12:0 a.m.15 views

WordPress Ultimate Member Plugin < 2.0.54 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ultimatemember:ultimatemember"; ifdescription...

5.4CVSS5.5AI score0.00882EPSS
Exploits1References1
Patchstack
Patchstack
added 2020/11/09 12:0 a.m.12 views

WordPress Ultimate Member plugin <= 2.1.11 - Unauthenticated/Authenticated Privilege Escalation

Unauthenticated Privilege Escalation via User Meta vulnerability found by Chloe Chamberland in WordPress Ultimate Member plugin versions = 2.1.11. Solution Update the WordPress Ultimate Member plugin to the latest available version at least 2.1.12...

4.8AI score
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2018/05/15 12:0 a.m.25 views

WordPress Ultimate Member Plugin < 2.0.4 Multiple Vulnerabilities

The WordPress plugin Copyright C 2018 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...

7.5CVSS5AI score0.02598EPSS
Exploits0References2
Rows per page
Query Builder