WordPress Ultimate Member Vulnerabilities
Wordpress Ultimate Member vulnerabilities.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Code Injection Vulnerability in Ultimate Member by Ultimate Member
CVE-2025-47691WordPressUltimate Member5.5MEDIUMSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2025-1702WordPressUltimate Member โ User...7.5HIGHServer-Side Request Forgery in Better Messages Plugin for WordPress
CVE-2024-13697WordPressBetter Messages โ Live...6.5MEDIUMSensitive Information Exposure in Better Messages Plugin for WordPress
CVE-2024-13611WordPressBetter Messages โ Live...7.5HIGHSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2024-12276WordPressUltimate Member โ User...6.5MEDIUMStored Cross-Site Scripting in Better Messages Live Chat for WordPress
CVE-2024-13612WordPressBetter Messages โ Live...5.4MEDIUMSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2025-0308WordpressUltimate Member โ User...7.5HIGHInformation Exposure in Ultimate Member Plugin for WordPress
CVE-2025-0318WordpressUltimate Member โ User...5.3MEDIUMFile Upload Vulnerability in SuitePlugins Video & Photo Gallery
CVE-2024-54370WordPressVideo & Photo Gallery ...9.9CRITICALUltimate Member Video & Photo Gallery Plugin Vulnerable to Reflected XSS
CVE-2024-12162WordpressVideo & Photo Gallery ...6.1MEDIUMUnauthorized Profile Picture Updates in The Ultimate Member Plugin
CVE-2024-10528WordpressUltimate Member โ User...4.3MEDIUMFreemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes
CVE-2022-4974WordpressYasr โ Yet Another Sta...6.3MEDIUMStored Cross-Site Scripting Vulnerability in The Ultimate Member Plugin
CVE-2024-8519WordpressUltimate Member5.4MEDIUMUnauthenticated Attackers Can Modify User Membership Status via Cross-Site Request Forgery
CVE-2024-8520WordpressUltimate Member4.3MEDIUMStored Cross-Site Scripting Vulnerability in Ultimate Member Plugin for WordPress
CVE-2024-2765WordpressUltimate Member โ User...5.4MEDIUMSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2024-1071WordPressUltimate Member โ User...๐๐พ๐กEPSS 91%๐ฐ9.8CRITICALUltimate Member Plugin Vulnerable to Stored Cross-Site Scripting
CVE-2024-2123WordpressUltimate Member โ User...EPSS 26%6.1MEDIUMWordPress BP Better Messages Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-49168WordpressBetter Messages โ Live...6.5MEDIUMWordPress Ultimate Member Plugin <= 2.6.0 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-31216WordPressUltimate Member4.3MEDIUMUltimate Member < 2.6.7 - Unauthenticated Privilege Escalation
CVE-2023-3460WordpressUltimate Member๐พ๐กEPSS 93%9.8CRITICALRemote Code Execution in Ultimate Member Plugin for WordPress
CVE-2022-3383WordpressUltimate Member โ User...EPSS 20%7.2HIGHRemote Code Execution Vulnerability in Ultimate Member Plugin for WordPress
CVE-2022-3384WordPressUltimate Member โ User...EPSS 15%7.2HIGHDirectory Traversal Vulnerability in Ultimate Member Plugin for WordPress
CVE-2022-3361WordPressUltimate Member โ User...4.3MEDIUMUltimate Member <= 2.3.2 - Stored Cross-Site Scripting
CVE-2022-1208WordpressUltimate Member 6.4MEDIUMUltimate Member <= 2.3.1 - Open Redirect
CVE-2022-1209WordpressUltimate Member 3.5LOW