WordPress Plugin Vulnerabilities

Ultimate Member < 2.0.46 - Multiple Vulnerabilities

Description

The Ultimate Member – User Profile, User Registration, Login & Membership Plugin WordPress plugin was affected by a Multiple Vulnerabilities security vulnerability.

Affects Plugins

Plugin icon
ultimate-member
Fixed in 2.0.46

References

URL
https://blog.sucuri.net/2019/05/multiple-vulnerabilities-in-the-wordpress-ultimate-member-plugin.html
URL
https://plugins.trac.wordpress.org/changeset/2085539/ultimate-member

Miscellaneous

Original Researcher
Antony Garand (Sucuri)
Submitter
Ryan Dewhurst
Submitter website
https://wpscan.io
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
7c54f599-70c0-42ee-9bb3-bd8d8010e08d

Timeline

Publicly Published
2019-05-13 (about 7 years ago)
Added
2019-05-14 (about 6 years ago)
Last Updated
2020-08-12 (about 5 years ago)

Other

Published
Title
Published
2019-07-23
Title
WPS Cleaner <= 1.4.4 - Multiple Issues
Published
2014-02-27
Title
VideoWhisper Live Streaming Integration 4.27.3 - Multiple Vulnerabilities
Published
2019-06-10
Title
Online Lesson Booking <= 0.8.6 - CSRF & XSS
Published
2015-08-04
Title
WP Accurate Form Data <= 1.2 - Cross-Site Scripting (XSS) & CSRF
Published
2015-07-15
Title
Welcart e-Commerce < 1.4.18 - Multiple Vulnerabilities