CVE-2024-12276

Name of the Vulnerable Software and Affected Versions The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress versions up to, and including, 2.9.2

Description The issue is related to second-order SQL Injection via filenames due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This allows authenticated attackers with access to upload files and manage filenames to append additional SQL queries into already existing queries, potentially extracting sensitive information from the database. The risk of this issue is considered minimal as it requires a user to be able to manipulate filenames to successfully exploit.

Recommendations For versions up to, and including, 2.9.2, update to a version later than 2.9.2 to resolve the issue. As a temporary workaround, consider restricting access to file uploads and filename management to minimize the risk of exploitation.