CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Ultimatemember: >> Ultimate Member >> 2.5.1 Security Vulnerabilities

CVE-2023-3460

The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This is actively being exploited in the wild.

CVSS Score

9.8

EPSS Score

0.929

Published

2023-07-04

Page 2

Vulnerabilities

Vulnerable Software

Ultimatemember: >> Ultimate Member >> 2.5.1 Security Vulnerabilities

Products

Pricing

Contact Us