ThreatPress

WordPress Vulnerabilities Database

Back

Ultimate Membership Pro plugin <= 8.6 - Multiple Critical Vulnerabilities

Product
Ultimate Membership Pro
Description
Multiple Critical Vulnerabilities found by Noman Riffat in Ultimate Membership Pro plugin (versions <= 8.6).
Solution
Update the Ultimate Membership Pro plugin to the latest available version (at least 8.6.1).
Classification
Type Multi
OWASP Top 10 A2: Broken Authentication and Session Management
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 8.6
Fixed In 8.6.1
Disclosure date
2020-02-06
Credits
Noman Riffat
Submitter
ThreatPress