The plugin does not validate user input passed to call_user_func() via the get_option_value_from_callback() function, which could allow high privilege users to perform RCE even when they are not allowed to (for example in multisite setup)
CPE | Name | Operator | Version |
---|---|---|---|
ultimate-member | lt | 2.5.1 |