CVE-2018-10233
CVE-2018-10233 affects the WordPress User Profile & Membership plugin (Ultimate Member) before 2.0.7. A CSRF flaw with no mitigations is present throughout the plugin, potentially allowing unauthorized operations. Affected component: the plugin’s core/profile/membership functions; root cause: lac...