CVE-2018-0590

CVE-2018-0590

EPSS 1.1%

Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to bypass access restriction to modify the other users profiles via unspecified vectors.

Affected products

Ultimate Member · Ultimate Member

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://jvn.jp/en/jp/JVN28804532/index.html https://wordpress.org/plugins/ultimate-member/#developers https://wpvulndb.com/vulnerabilities/9608