Ultimate Member < 2.0.52 - CSRF and Stored XSS issues

2019-07-11T00:00:00
ID WPVDB-ID:9449
Type wpvulndb
Reporter Akash Labade
Modified 2020-08-12T00:00:00

Description

WordPress Vulnerability - Ultimate Member < 2.0.52 - CSRF and Stored XSS issues

PoC

Video POC : https://drive.google.com/file/d/1wz846fP9rB97PlRSlC4xHYW_Q5QJXK4s/view?usp=sharing csrf-um.html : https://drive.google.com/file/d/1p6Rzw3ts7RASP4X7H8v2CI3TIXPVwVn1/view?usp=sharing