Description

WordPress Plugin Ultimate Member-User Profile & Membership is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify arbitrary user_meta data. WordPress Plugin Ultimate Member-User Profile & Membership version 1.3.52 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.3.53 or latest

References

Related Vulnerabilities