CVE-2022-3966: A critical vulnerability was found in the Ultimate Member Plugin up to version 2.5.0. It affects the function load_template in the file includes/core/class-shortcodes.php of the Template Handler component.

The second critical vulnerability was discovered in version 2.5.0 of the Ultimate Member Plugin. A cross-site scripting issue was found in the file features/admin/include/advanced-settings.php. An attacker may lure a user into opening a specially crafted link sent via direct message or email; the malicious script may inject arbitrary web script or HTML. An attacker may leverage this vulnerability to steal cookie information or login credentials, or to execute server commands. A fix for this problem was released in version 2.5.2. The update addresses the issue CVE-2018-1163. The identifier VDB-213546 was assigned to this vulnerability. Information about the vulnerability and the fix can be found on the plugin's homepage.
With the help of these issues, attackers may conduct a variety of attacks, including phishing, session hijacking, cross-site request forgery, information disclosure, or remote code execution.

Vulnerable Software and Resolved Issues

Ultimate Member 2.5.0 was vulnerable to a cross-site scripting attack and an information disclosure vulnerability.
The first critical vulnerability was discovered in version 2.5.0 of the Ultimate Member Plugin, a WordPress plugin for building membership sites with custom profiles, logins, and more. A cross-site scripting issue was found in the file features/admin/include/advanced-settings.php. An attacker may lure a user into opening a specially crafted link sent via direct message or email; the malicious script may inject arbitrary web script or HTML. An attacker may leverage this vulnerability to steal cookie information or login credentials, or to execute server commands. A fix for this problem was released in version 2.5.2 and addresses the issue CVE-2018-1163.

The vulnerability was discovered in Ultimate Member Plugin v2.5.0. To resolve it, upgrade the plugin to version 2.5.2 or higher.
