4:["$","div",null,{"className":"wrap","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"CollectionPage\",\"name\":\"Vulnerabilities in ultimatemember\",\"url\":\"https://vexday.io/en/vendor/ultimatemember\",\"isPartOf\":{\"@type\":\"WebSite\",\"name\":\"Vexday\",\"url\":\"https://vexday.io\"},\"mainEntity\":{\"@type\":\"ItemList\",\"numberOfItems\":27},\"breadcrumb\":{\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https://vexday.io/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Technologies\",\"item\":\"https://vexday.io/en/vendors\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"ultimatemember\"}]}}"}}],["$","nav",null,{"className":"crumbs","children":[["$","$La",null,{"href":"/en","children":"Home"}]," ",["$","span",null,{"children":"/"}]," ",["$","$La",null,{"href":"/en/vendors","children":"Technologies"}]," ",["$","span",null,{"children":"/"}]," ",["$","b",null,{"children":"ultimatemember"}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":18},"children":[["$","h1",null,{"style":{"fontSize":"1.7rem","margin":0,"fontFamily":"var(--font-display)","fontWeight":700},"children":["Vulnerabilities in"," ",["$","span",null,{"style":{"color":"var(--orange)"},"children":"ultimatemember"}]]}],["$","span",null,{"className":"t","children":["27"," ","results"]}]]}],["$","div",null,{"className":"list","children":[["$","$La","CVE-2024-1071",{"className":"item","href":"/en/cve/CVE-2024-1071","children":[["$","span",null,{"className":"cid","children":"CVE-2024-1071"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is v"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"89.4%"}]]}],false]}]]}],["$","$La","CVE-2024-2123",{"className":"item","href":"/en/cve/CVE-2024-2123","children":[["$","span",null,{"className":"cid","children":"CVE-2024-2123"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Ultimate Member <= 2.8.3 - Unauthenticated Stored Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"26.7%"}]]}],false]}]]}],["$","$La","CVE-2022-3383",{"className":"item","href":"/en/cve/CVE-2022-3383","children":[["$","span",null,{"className":"cid","children":"CVE-2022-3383"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Admin+) Remote Code Execution via Multi-Select"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"2.8%"}]]}],false]}]]}],["$","$La","CVE-2022-3384",{"className":"item","href":"/en/cve/CVE-2022-3384","children":[["$","span",null,{"className":"cid","children":"CVE-2022-3384"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Admin+) Limited Remote Code Execution via um_populate_dropdown_options"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"2.7%"}]]}],false]}]]}],["$","$La","CVE-2022-3361",{"className":"item","href":"/en/cve/CVE-2022-3361","children":[["$","span",null,{"className":"cid","children":"CVE-2022-3361"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Contributor+) Directory Traversal via Shortcodes"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"2.5%"}]]}],false]}]]}],["$","$La","CVE-2022-1208",{"className":"item","href":"/en/cve/CVE-2022-1208","children":[["$","span",null,{"className":"cid","children":"CVE-2022-1208"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Ultimate Member <= 2.3.2 - Stored Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.9%"}]]}],false]}]]}],["$","$La","CVE-2022-1209",{"className":"item","href":"/en/cve/CVE-2022-1209","children":[["$","span",null,{"className":"cid","children":"CVE-2022-1209"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Ultimate Member <= 2.3.1 - Arbitrary Redirect"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.7%"}]]}],false]}]]}],["$","$La","CVE-2025-1702",{"className":"item","href":"/en/cve/CVE-2025-1702","children":[["$","span",null,{"className":"cid","children":"CVE-2025-1702"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Ultimate Member <= 2.10.0 - Unauthenticated SQL Injection via search Parameter"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.7%"}]]}],false]}]]}],["$","$La","CVE-2024-10528",{"className":"item","href":"/en/cve/CVE-2024-10528","children":[["$","span",null,{"className":"cid","children":"CVE-2024-10528"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Ultimate Member <= 2.8.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Profile Picture Update"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2025-0308",{"className":"item","href":"/en/cve/CVE-2025-0308","children":[["$","span",null,{"className":"cid","children":"CVE-2025-0308"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Ultimate Member <= 2.9.1 - Unauthenticated SQL Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-2765",{"className":"item","href":"/en/cve/CVE-2024-2765","children":[["$","span",null,{"className":"cid","children":"CVE-2024-2765"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Ultimate Member <= 2.8.4 - Authenticated (Subscriber+) Stored Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-8428",{"className":"item","href":"/en/cve/CVE-2024-8428","children":[["$","span",null,{"className":"cid","children":"CVE-2024-8428"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"ForumWP – Forum & Discussion Board Plugin <= 2.0.2 - Insecure Direct Object Reference to Authenticated (Subscriber+) Privilege Escalation via Account Takeover"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-10880",{"className":"item","href":"/en/cve/CVE-2024-10880","children":[["$","span",null,{"className":"cid","children":"CVE-2024-10880"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"JobBoardWP – Job Board Listings and Submissions <= 1.3.0 - Reflected Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2025-12492",{"className":"item","href":"/en/cve/CVE-2025-12492","children":[["$","span",null,{"className":"cid","children":"CVE-2025-12492"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.11.0 - Unauthenticated Sensitive Information Exposure"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-8519",{"className":"item","href":"/en/cve/CVE-2024-8519","children":[["$","span",null,{"className":"cid","children":"CVE-2024-8519"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Ultimate Member <= 2.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-10879",{"className":"item","href":"/en/cve/CVE-2024-10879","children":[["$","span",null,{"className":"cid","children":"CVE-2024-10879"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"ForumWP – Forum & Discussion Board <= 2.1.2 - Reflected Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-0318",{"className":"item","href":"/en/cve/CVE-2025-0318","children":[["$","span",null,{"className":"cid","children":"CVE-2025-0318"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.9.1 - Information Exposure"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-11204",{"className":"item","href":"/en/cve/CVE-2024-11204","children":[["$","span",null,{"className":"cid","children":"CVE-2024-11204"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"ForumWP – Forum & Discussion Board <= 2.1.2 - Reflected Cross-Site Scripting via url Parameter"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-12276",{"className":"item","href":"/en/cve/CVE-2024-12276","children":[["$","span",null,{"className":"cid","children":"CVE-2024-12276"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Ultimate Member <= 2.9.2 - Authenticated SQL Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-8520",{"className":"item","href":"/en/cve/CVE-2024-8520","children":[["$","span",null,{"className":"cid","children":"CVE-2024-8520"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Ultimate Member <= 2.8.6 - Cross-Site Request Forgery to Membership Status Change"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}]]}],["$","div",null,{"className":"pagination","children":[["$","span",null,{"className":"off","children":"← previous"}],["$","span",null,{"className":"pgnum","children":["page"," ","1"," / ","2"]}],["$","$La",null,{"href":"?page=2","children":"next →"}]]}]]}]