Ultimate Member – User Profile & Membership Plugin – WordPress plugin (ultimate-member) Vulnerabilities in Our Data Set

As of May 24, 2019, our data set has listings for 15 vulnerabilities in the plugin Ultimate Member – User Profile & Membership Plugin – WordPress plugin (ultimate-member). If used our service you would have already been warned if you we're using a vulnerable version of the plugin. Once you were a paying customer you could also suggest/vote for the plugin to receive a security review from us to have a more complete picture of the security of the plugin.

The types of vulnerabilities we have in our data set for this plugin include:
  • arbitrary file upload
  • authenticated open redirect
  • authenticated privilege escalation
  • cross-site request forgery (CSRF)
  • cross-site request forgery (CSRF)/cross-site scripting (XSS)
  • cross-site request forgery (CSRF)/local file inclusion (LFI)
  • cross-site request forgery (CSRF)/remote code execution (RCE)
  • file deletion
  • password reset
  • reflected cross-site scripting (XSS)

Sign up now with a free trial and you can see all the listings of vulnerabilities for all the plugins you use right in your WordPress admin interface.