Ultimate Member < 2.0.52 - CSRF and Stored XSS issues
A CSRF vulnerability in adding/editing user roles in Ultimate Member 2.0.49. It also lead to stored XSS.
July 9th, 2019 - v2.0.50 released and still affected. Escalated to WP Plugins Team
July 9th, 2019 - v2.0.51 released, fixing the CSRF but not the XSS
July 11th, 2019 - Escalated again to WP Plugins team, as another XSS was reported on June 24th, 2019 (https://github.com/ultimatemember/ultimatemember/issues/578) and was still unfixed.
July 11th - v2.0.52 released fixing both XSS
Proof of Concept
Video POC : https://drive.google.com/file/d/1wz846fP9rB97PlRSlC4xHYW_Q5QJXK4s/view?usp=sharing
csrf-um.html : https://drive.google.com/file/d/1p6Rzw3ts7RASP4X7H8v2CI3TIXPVwVn1/view?usp=sharing