WordPress Ultimate Member Vulnerabilities
Wordpress Ultimate Member vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
SQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2025-0308WordpressUltimate Member β User...7.5HIGHInformation Exposure in Ultimate Member Plugin for WordPress
CVE-2025-0318WordpressUltimate Member β User...5.3MEDIUMUltimate Member Video & Photo Gallery Plugin Vulnerable to Reflected XSS
CVE-2024-12162WordpressVideo & Photo Gallery ...6.1MEDIUMUnauthorized Profile Picture Updates in The Ultimate Member Plugin
CVE-2024-10528WordpressUltimate Member β User...4.3MEDIUMFreemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes
CVE-2022-4974WordpressYasr β Yet Another Sta...6.3MEDIUMStored Cross-Site Scripting Vulnerability in The Ultimate Member Plugin
CVE-2024-8519WordpressUltimate Member5.4MEDIUMUnauthenticated Attackers Can Modify User Membership Status via Cross-Site Request Forgery
CVE-2024-8520WordpressUltimate Member4.3MEDIUMStored Cross-Site Scripting Vulnerability in Ultimate Member Plugin for WordPress
CVE-2024-2765WordpressUltimate Member β User...5.4MEDIUMSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2024-1071WordpressUltimate Member β User...πΎπ‘π°9.8CRITICALUltimate Member Plugin Vulnerable to Stored Cross-Site Scripting
CVE-2024-2123WordpressUltimate Member β User...7.2HIGHWordPress BP Better Messages Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-49168WordpressBetter Messages β Live...6.5MEDIUMUltimate Member < 2.6.7 - Unauthenticated Privilege Escalation
CVE-2023-3460WordpressUltimate MemberπΎπ‘EPSS 49%9.8CRITICALRemote Code Execution in Ultimate Member Plugin for WordPress
CVE-2022-3383WordpressUltimate Member β User...7.2HIGHRemote Code Execution Vulnerability in Ultimate Member Plugin for WordPress
CVE-2022-3384WordpressUltimate Member β User...7.2HIGHDirectory Traversal Vulnerability in Ultimate Member Plugin for WordPress
CVE-2022-3361WordpressUltimate Member β User...4.3MEDIUMUltimate Member <= 2.3.2 - Stored Cross-Site Scripting
CVE-2022-1208WordpressUltimate Member 6.4MEDIUMUltimate Member <= 2.3.1 - Open Redirect
CVE-2022-1209WordpressUltimate Member 3.5LOWUltimate Member < 2.1.20 - Authenticated Reflected Cross-Site Scripting (XSS)
CVE-2021-24306WordpressUltimate Member β User...5.4MEDIUM- CVE-2020-36170WordpressUltimate Member5.3MEDIUM
- CVE-2020-36155WordpressUltimate Member10CRITICAL
- CVE-2020-36156WordpressUltimate Member9.9CRITICAL
- CVE-2020-36157WordpressUltimate Member10CRITICAL
- CVE-2020-6859WordpressUltimate Member5.3MEDIUM
- CVE-2019-14945WordpressUltimate Member5.4MEDIUM
- CVE-2019-14946WordpressUltimate Member5.4MEDIUM