3 matches found
WordPress Ultimate Member Plugin <= 2.1.12 Deprecated UM Forms Field Vulnerability
The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
CVE-2020-36170
The Ultimate Member plugin before 2.1.13 for WordPress mishandles hidden name="timestamp" fields in forms...
CVE-2020-36170
CVE-2020-36170 affects the WordPress Ultimate Member plugin, with versions prior to 2.1.13 exposed to a vulnerability where hidden name="timestamp" fields in forms are mishandled. The issue is documented across multiple feeds (NVD/Red Hat/CNVD) and is characterized by a lack of public exploitatio...