Description
WordPress Plugin Ultimate Member-User Profile, User Registration, Login & Membership is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin Ultimate Member-User Profile, User Registration, Login & Membership version 2.1.11 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.12 or latest
References
Related Vulnerabilities
WordPress Plugin Google Captcha (reCAPTCHA) by BestWebSoft Security Bypass (1.12)
WordPress Plugin WP Fastest Cache Cross-Site Request Forgery (0.9.0.2)
WordPress Plugin Quick Featured Images Cross-Site Scripting (12.3.5)
WordPress Plugin WooCommerce Quick Reports Cross-Site Scripting (1.0.6)
WordPress Plugin WP Htaccess Editor Unspecified Vulnerability (1.0.1)