Description
WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership is prone to an open redirect vulnerability because the application fails to properly verify user-supplied input. Exploiting this issue may allow attackers to redirect users to arbitrary web sites and conduct phishing attacks; other attacks are also possible. WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership version 2.1.6 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.7 or latest
References
https://wordpress.org/support/topic/redirect_to-in-querystring-vulnerability/
https://plugins.svn.wordpress.org/ultimate-member/trunk/readme.txt
Related Vulnerabilities
WeBid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3815)
WebLogic Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21350)
WordPress Plugin User Meta 'uploader.php' Arbitrary File Upload (1.1.1)
Jboss EAP Incorrect Authorization Vulnerability (CVE-2022-0866)