Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin 2.1.7

  • Severity: medium-risk
  • Status: Fixed
  • Publication: July 23, 2020

The Ultimate Member plugin for WordPress is vulnerable to a security issue called “open redirects”. This issue exists in versions of the plugin up to, and including, 2.1.6. This means that attackers can use this vulnerability to trick victims into visiting malicious websites. To do this, the attackers need to get the victims to click on a link.

Detected in:

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin fixed vulnerable versions: >= * < 2.1.7

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.