CVE-2022-1209
The CVE concerns the WordPress plugin Ultimate Member, vulnerable up to version 2.3.1 due to insufficient validation of URLs in the social fields on the Profile Page, enabling arbitrary redirects. Affected component: Ultimate Member plugin for WordPress; root cause: open redirect caused by improp...