How it works Pricing

Vulnerabilities

WordPress Plugins Themes Stats Submit vulnerabilities

For developers

Status API details CLI scanner

WordPress Plugin Vulnerabilities

Ultimate Member < 2.0.33 - Cross-Site Request Forgery (CSRF)

Description

According to the change log:

"Fixed AJAX vulnerabilities"

Affects Plugins

ultimate-member

Fixed in version 2.0.33

References

URL

https://plugins.trac.wordpress.org/changeset/1978789/ultimate-member

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

Miscellaneous

Verified

No

WPVDB ID

0b3afa2d-5eca-4046-896a-424e355c64a3

Timeline

Publicly Published

2018-11-22 (about 4 years ago)

Added

2018-11-26 (about 4 years ago)

Last Updated

2020-08-12 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin