3 matches found
CVE-2020-36157
An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Roles. Due to the lack of filtering on the role parameter that could be supplied during the registration process, an attacker could supply the role parameter with a...
CVE-2020-36157
The CVE-2020-36157 entry concerns the WordPress plugin Ultimate Member (before 2.1.12). The issue is an unauthenticated privilege escalation via the role parameter during user registration, caused by insufficient filtering that allows an attacker to supply a WordPress capability (or custom Ultima...
CVE-2020-36157
An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Roles. Due to the lack of filtering on the role parameter that could be supplied during the registration process, an attacker could supply the role parameter with a...