2 matches found
CVE-2024-10528
CVE-2024-10528 (Ultimate Member) affects WordPress plugin Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership. The root cause is a missing capability check in the image resize handlers (wp_ajax_um_resize_image() and ajax_resize_image()), which a...
WordPress Ultimate Member Plugin <= 2.8.9 is vulnerable to Broken Access Control
Software Ultimate Member Type Plugin Vulnerable versions = 2.8.9 Fixed in 2.9.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10528 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 65aa5e86b9d5 Credits tiborisaak Required privilege...