WordPress Ultimate Member Vulnerabilities
Wordpress Ultimate Member vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
SQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2025-1702WordPressUltimate Member β User...7.5HIGHServer-Side Request Forgery in Better Messages Plugin for WordPress
CVE-2024-13697WordPressBetter Messages β Live...4.8MEDIUMSensitive Information Exposure in Better Messages Plugin for WordPress
CVE-2024-13611WordPressBetter Messages β Live...7.5HIGHSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2024-12276WordPressUltimate Member β User...6.5MEDIUMStored Cross-Site Scripting in Better Messages Live Chat for WordPress
CVE-2024-13612WordPressBetter Messages β Live...5.4MEDIUMSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2025-0308WordpressUltimate Member β User...7.5HIGHInformation Exposure in Ultimate Member Plugin for WordPress
CVE-2025-0318WordpressUltimate Member β User...5.3MEDIUMFile Upload Vulnerability in SuitePlugins Video & Photo Gallery
CVE-2024-54370WordPressVideo & Photo Gallery ...9.9CRITICALUltimate Member Video & Photo Gallery Plugin Vulnerable to Reflected XSS
CVE-2024-12162WordpressVideo & Photo Gallery ...6.1MEDIUMUnauthorized Profile Picture Updates in The Ultimate Member Plugin
CVE-2024-10528WordpressUltimate Member β User...4.3MEDIUMFreemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes
CVE-2022-4974WordpressYasr β Yet Another Sta...6.3MEDIUMStored Cross-Site Scripting Vulnerability in The Ultimate Member Plugin
CVE-2024-8519WordpressUltimate Member5.4MEDIUMUnauthenticated Attackers Can Modify User Membership Status via Cross-Site Request Forgery
CVE-2024-8520WordpressUltimate Member4.3MEDIUMStored Cross-Site Scripting Vulnerability in Ultimate Member Plugin for WordPress
CVE-2024-2765WordpressUltimate Member β User...5.4MEDIUMSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2024-1071WordpressUltimate Member β User...πΎπ‘π°9.8CRITICALUltimate Member Plugin Vulnerable to Stored Cross-Site Scripting
CVE-2024-2123WordpressUltimate Member β User...7.2HIGHWordPress BP Better Messages Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-49168WordpressBetter Messages β Live...6.5MEDIUMWordPress Ultimate Member Plugin <= 2.6.0 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-31216WordPressUltimate Member4.3MEDIUMUltimate Member < 2.6.7 - Unauthenticated Privilege Escalation
CVE-2023-3460WordpressUltimate MemberπΎπ‘EPSS 60%9.8CRITICALRemote Code Execution in Ultimate Member Plugin for WordPress
CVE-2022-3383WordpressUltimate Member β User...7.2HIGHRemote Code Execution Vulnerability in Ultimate Member Plugin for WordPress
CVE-2022-3384WordPressUltimate Member β User...7.2HIGHDirectory Traversal Vulnerability in Ultimate Member Plugin for WordPress
CVE-2022-3361WordPressUltimate Member β User...4.3MEDIUMUltimate Member <= 2.3.2 - Stored Cross-Site Scripting
CVE-2022-1208WordpressUltimate Member 6.4MEDIUMUltimate Member <= 2.3.1 - Open Redirect
CVE-2022-1209WordpressUltimate Member 3.5LOWUltimate Member < 2.1.20 - Authenticated Reflected Cross-Site Scripting (XSS)
CVE-2021-24306WordpressUltimate Member β User...5.4MEDIUM