Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin 2.3.2

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 21, 2022

The Ultimate Member plugin for WordPress has a security flaw that can be exploited by users to inject malicious web scripts into the Biography field on individual user profile pages. This vulnerability affects all versions up to and including 2.3.2

Detected in:

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin fixed vulnerable versions: >= * <= 2.3.2

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.