PT-2025-51861 · WordPress · Ultimate Member
Author: Boris Bogosavac · Published 2025-12-17 · Updated 2025-12-17
CVE-2025-14081
CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
The Ultimate Member plugin for WordPress versions prior to 2.11.1
Description
The Ultimate Member plugin for WordPress has a flaw in its secure fields mechanism. Field keys are added to the allowed fields list before the required permission check is applied during rendering, so the check only hides the field from the form and does not stop a direct submission of that key. This allows authenticated attackers with Subscriber-level access to modify their profile privacy settings, such as setting profile visibility to "Only me", through direct parameter manipulation, even if the administrator has disabled this option for their role.
Recommendations
Update the Ultimate Member plugin to version 2.11.1 or later.
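The ordering defect in the description above, modelled as an added example (this is not Ultimate Member's code; the field table, role names and function names are constructed for illustration). The vulnerable renderer registers every field key as allowed and only then checks the role, so the server-side save accepts a key the form never displayed; the fixed renderer registers a key only after the role check passes.

```python
# Constructed field registry: the administrator has allowed "profile_privacy"
# for editors only, while "description" is open to subscribers as well.
FIELDS = {
    "profile_privacy": {"allowed_roles": {"administrator", "editor"}},
    "description": {"allowed_roles": {"administrator", "editor", "subscriber"}},
}


def render_form_vulnerable(role, allowed):
    """Vulnerable ordering: the key is registered before the permission check,
    so the check only hides the widget, it does not restrict what may be saved."""
    shown = []
    for key, meta in FIELDS.items():
        allowed.add(key)                       # registered first ...
        if role not in meta["allowed_roles"]:
            continue                           # ... then merely hidden
        shown.append(key)
    return shown


def render_form_fixed(role, allowed):
    """Fixed ordering: a key enters the allow-list only if the role may use it."""
    shown = []
    for key, meta in FIELDS.items():
        if role not in meta["allowed_roles"]:
            continue
        allowed.add(key)
        shown.append(key)
    return shown


def save_profile(submitted, allowed, profile):
    """Server-side save: writes only keys present in the allow-list built
    during rendering and returns the keys it rejected."""
    rejected = []
    for key, value in submitted.items():
        if key in allowed:
            profile[key] = value
        else:
            rejected.append(key)
    return rejected


def simulate(renderer, role, submitted):
    """Render with the given ordering, then submit directly (bypassing the form)."""
    allowed = set()
    renderer(role, allowed)
    profile = {"profile_privacy": "everyone", "description": ""}
    rejected = save_profile(submitted, allowed, profile)
    return profile, rejected
```

A subscriber submitting the hidden key reaches the profile under the vulnerable ordering and is rejected under the fixed one; the fix costs nothing for roles that are genuinely permitted.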
Fix
Incorrect Authorization
Weakness Enumeration
Related Identifiers
Affected Products
Ultimate Member