Description

WordPress Plugin Ultimate Member-User Profile, User Registration, Login & Membership is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin Ultimate Member-User Profile, User Registration, Login & Membership version 2.1.11 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 2.1.12 or latest

References

https://www.wordfence.com/blog/2020/11/critical-privilege-escalation-vulnerabilities-affect-100k-sites-using-ultimate-member-plugin/

https://plugins.svn.wordpress.org/ultimate-member/trunk/readme.txt

Related Vulnerabilities

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.14)

Joomla! Core 3.x.x Multiple Cross-Site Scripting Vulnerabilities (3.0.0 - 3.9.3)

WordPress Plugin Custom Post Type UI Cross-Site Scripting (1.1.1)

WordPress Plugin Pricing Table by Supsystic Cross-Site Request Forgery (1.8.0)

WordPress Plugin MetaSlider Cross-Site Scripting (3.17.1)

Severity

High

Classification

CVE-2020-36155 CVE-2020-36156 CVE-2020-36157 CWE-264 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Tags

Missing Update Privilege Escalation