WordPress Ultimate Member Vulnerabilities
Wordpress Ultimate Member vulnerabilities.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Profile Privacy Setting Bypass in Ultimate Member Plugin for WordPress
CVE-2025-14081WordPressUltimate Member – User...4.3MEDIUMStored Cross-Site Scripting Vulnerability in Ultimate Member Plugin for WordPress
CVE-2025-13217WordPressUltimate Member – User...6.4MEDIUMStored Cross-Site Scripting Vulnerability in Better Messages Plugin for WordPress
CVE-2025-14154WordPressBetter Messages – Live...6.1MEDIUMUnauthorized Data Access in the Ultimate Member Widgets for Elementor by WordPress
CVE-2025-12778WordPressUltimate Member Widget...5.3MEDIUMCode Injection Vulnerability in Ultimate Member by Ultimate Member
CVE-2025-47691WordPressUltimate Member5.5MEDIUMSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2025-1702WordPressUltimate Member – User...7.5HIGHServer-Side Request Forgery in Better Messages Plugin for WordPress
CVE-2024-13697WordPressBetter Messages – Live...6.5MEDIUMSensitive Information Exposure in Better Messages Plugin for WordPress
CVE-2024-13611WordPressBetter Messages – Live...7.5HIGHSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2024-12276WordPressUltimate Member – User...6.5MEDIUMStored Cross-Site Scripting in Better Messages Live Chat for WordPress
CVE-2024-13612WordPressBetter Messages – Live...5.4MEDIUMSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2025-0308WordpressUltimate Member – User...7.5HIGHInformation Exposure in Ultimate Member Plugin for WordPress
CVE-2025-0318WordpressUltimate Member – User...5.3MEDIUMFile Upload Vulnerability in SuitePlugins Video & Photo Gallery
CVE-2024-54370WordPressVideo & Photo Gallery ...9.9CRITICALUltimate Member Video & Photo Gallery Plugin Vulnerable to Reflected XSS
CVE-2024-12162WordpressVideo & Photo Gallery ...6.1MEDIUMUnauthorized Profile Picture Updates in The Ultimate Member Plugin
CVE-2024-10528WordpressUltimate Member – User...4.3MEDIUMFreemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes
CVE-2022-4974WordpressYasr – Yet Another Sta...6.3MEDIUMStored Cross-Site Scripting Vulnerability in The Ultimate Member Plugin
CVE-2024-8519WordpressUltimate Member5.4MEDIUMUnauthenticated Attackers Can Modify User Membership Status via Cross-Site Request Forgery
CVE-2024-8520WordpressUltimate Member4.3MEDIUMStored Cross-Site Scripting Vulnerability in Ultimate Member Plugin for WordPress
CVE-2024-2765WordpressUltimate Member – User...5.4MEDIUMSQL Injection Vulnerability in Ultimate Member Plugin for WordPress
CVE-2024-1071WordPressUltimate Member – User...📈👾🟡EPSS 92%📰9.8CRITICALUltimate Member Plugin Vulnerable to Stored Cross-Site Scripting
CVE-2024-2123WordpressUltimate Member – User...EPSS 41%6.1MEDIUMWordPress BP Better Messages Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-49168WordpressBetter Messages – Live...6.5MEDIUMWordPress Ultimate Member Plugin <= 2.6.0 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-31216WordPressUltimate Member4.3MEDIUMUltimate Member < 2.6.7 - Unauthenticated Privilege Escalation
CVE-2023-3460WordpressUltimate Member👾🟡EPSS 92%9.8CRITICALRemote Code Execution in Ultimate Member Plugin for WordPress
CVE-2022-3383WordpressUltimate Member – User...EPSS 31%7.2HIGH