PT-2026-28639 · WordPress · Ultimate Member+1

Published: 2026-03-27 · Updated: 2026-03-28 · CVE-2026-4248

CVSS v3.1: 8.0 (High)
Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Ultimate Member plugin for WordPress, versions through 2.11.2

Description: The Ultimate Member plugin for WordPress is susceptible to Sensitive Information Exposure. The issue stems from the '{usermeta:password reset link}' template tag being processed within post content through the '[um loggedin]' shortcode, which generates a valid password reset token for the currently logged-in user. Authenticated attackers with Contributor-level access or higher can exploit this by creating a malicious pending post. When an Administrator previews this post, a password reset token for the Administrator is generated and sent to a server controlled by the attacker, potentially leading to full account takeover.

Recommendations: Update to version 2.11.3 or later.
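One way for a site administrator to audit existing content for this pattern, as an added example that is not part of the advisory or the plugin's own code: it flags posts whose body embeds the reset-link placeholder inside a logged-in shortcode block, and marks a bare placeholder elsewhere for review. The post record layout, the closing shortcode form and the underscore/case variants are assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed post record; field names are hypothetical, not WordPress's schema.
@dataclass
class Post:
    post_id: int
    author_role: str
    status: str
    content: str

# '[um loggedin] ... [/um loggedin]' block. The closing tag and the
# underscore/case variants are assumptions based on the advisory's notation.
LOGGEDIN_RE = re.compile(r"\[um[ _]loggedin\b[^\]]*\](.*?)\[/um[ _]loggedin\]", re.S | re.I)
# The '{usermeta:password reset link}' placeholder, space- or underscore-separated.
RESET_TAG_RE = re.compile(r"\{usermeta:password[ _]reset[ _]link\}", re.I)

def classify(post: Post) -> Optional[str]:
    """'high' if the placeholder sits inside a logged-in shortcode block (the
    path the advisory describes), 'review' if it appears anywhere else in the
    content, None if it is absent."""
    if any(RESET_TAG_RE.search(b) for b in LOGGEDIN_RE.findall(post.content)):
        return "high"
    if RESET_TAG_RE.search(post.content):
        return "review"
    return None

def find_risky_posts(posts: List[Post]) -> List[Tuple[int, str]]:
    """Post ids to triage with their severity; author role and status stay in
    the record so an administrator can judge who submitted what."""
    out = []
    for p in posts:
        sev = classify(p)
        if sev:
            out.append((p.post_id, sev))
    return out

# Constructed sample posts (not real site data).
SAMPLE_POSTS = [
    Post(1, "contributor", "pending",
         "Hi! [um loggedin]Lost access? {usermeta:password reset link}[/um loggedin]"),
    Post(2, "contributor", "pending", "Plain text with {usermeta:password reset link}"),
    Post(3, "author", "publish", "[um loggedin]Hello {display_name}[/um loggedin]"),
    Post(4, "editor", "draft", "[UM_LOGGEDIN]{usermeta:password_reset_link}[/UM_LOGGEDIN]"),
]

if __name__ == "__main__":
    for post_id, sev in find_risky_posts(SAMPLE_POSTS):
        print(f"post {post_id}: {sev}")
```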

Fix

Weakness Enumeration: Improper Authorization

Related Identifiers: CVE-2026-4248

Affected Products: Ultimate Member, WordPress