Known vulnerabilities in Ultimate Member Ultimate Member - User Profile & Membership Plugin

Vendor: Ultimate Member

Website: https://profiles.wordpress.org/ultimatemember/

Total Security Bulletins: 20

Security bulletins (20)

Secuity bulletin	Severity	Status	Published
SB2025030729: SQL injection in Ultimate Member plugin for WordPress	High	Patched	07.03.2025
SB2025012281: Multiple vulnerabilities in Ultimate Member plugin for WordPress	Medium	Patched	22.01.2025
SB2023063049: Improper authorization in Ultimate Member plugin for WordPress	Critical	Patched Exploited	30.06.2023
SB2022103131: Multiple vulnerabilities in Ultimate Member – User Profile & Membership Plugin for WordPress	Medium	Patched	31.10.2022
SB2020081301: Open redirect in Ultimate Member – User Profile & Membership Plugin for WordPress	Medium	Patched	13.08.2020
SB2020012404: Improper access control in Ultimate Member – User Profile & Membership Plugin for WordPress	Medium	Patched	24.01.2020
SB2019072216: Cross-site scripting in Ultimate Member plugin for WordPress	Low	Patched	22.07.2019
SB2019062409: Multiple vulnerabilities in Ultimate Member plugin for WordPress	Low	Patched	24.06.2019
SB2019052409: Information disclosure in Ultimate Member – User Profile & Membership Plugin for WordPress	High	Patched	24.05.2019
SB2019052319: Cross-site scripting in Ultimate Member – User Profile & Membership Plugin for WordPress	Medium	Patched	23.05.2019
SB2019052318: Cross-site scripting in Ultimate Member – User Profile & Membership Plugin for WordPress	Medium	Patched	23.05.2019
SB2019040605: CSRF in Ultimate Member plugin for WordPress	Medium	Patched	06.04.2019
SB2018112216: Cross-site request forgery in Ultimate Member – User Profile & Membership Plugin for WordPress	Medium	Patched	22.11.2018
SB2018100605: Cross-site scripting in Ultimate Member – User Profile & Membership Plugin for WordPress	Low	Patched	06.10.2018
SB2018081021: Cross-site scripting in Ultimate Member – User Profile & Membership Plugin for WordPress	Low	Patched	10.08.2018
SB2018080814: Arbitrary file upload in Ultimate Member – User Profile & Membership Plugin for WordPress	High	Patched	08.08.2018
SB2018021423: Multiple vulnerabilities in in Ultimate Member – User Profile & Membership Plugin for WordPress	Low	Patched	14.02.2018
SB2015120203: Cross-site scripting in Ultimate Member – User Profile & Membership Plugin for WordPress	Low	Patched	02.12.2015
SB2015082003: Cross-site scripting in Ultimate Member – User Profile & Membership Plugin for WordPress	Low	Patched	20.08.2015
SB2015061802: Cross-site scripting in Ultimate Member – User Profile & Membership Plugin for WordPress	Low	Patched	18.06.2015

Known vulnerabilities in Ultimate Member Ultimate Member - User Profile & Membership Plugin

Security bulletins (20)

Please verify you're human