ultimatemember 厂商相关 29 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。
Ultimate Member 是一款流行的 WordPress 用户注册与会员管理插件,旨在简化网站的用户账户构建流程。截至最新统计,该组件已收录 27 条 CVE,历史上频繁出现越权访问、跨站脚本及远程代码执行等高危漏洞,多源于输入验证缺失或权限逻辑缺陷。其开源特性虽便于定制,但也导致攻击面扩大,安全团队需重点关注版本更新以修复已知缺陷,防范数据泄露风险。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2026-8489 | Ultimate Member 跨站脚本漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-79 | 6.4 | Medium | 2026-07-03 |
| CVE-2026-7761 | Ultimate Member Ultimate Member授权问题漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-862 | 8.8 | High | 2026-06-24 |
| CVE-2025-15064 | WordPress plugin Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin 跨站脚本漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-79 | 6.4 | Medium | 2026-04-04 |
| CVE-2026-4248 | WordPress plugin Ultimate Member 授权问题漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-285 | 8.0 | High | 2026-03-27 |
| CVE-2026-1404 | WordPress plugin Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin 跨站脚本漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-79 | 6.1 | Medium | 2026-02-18 |
| CVE-2025-13746 | WordPress plugin ForumWP – Forum & Discussion Board 跨站脚本漏洞 — ForumWP – Forum & Discussion BoardCWE-79 | 6.4 | Medium | 2026-01-06 |
| CVE-2025-13220 | WordPress plugin Ultimate Member 跨站脚本漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-79 | 6.4 | Medium | 2025-12-21 |
| CVE-2025-12492 | WordPress plugin Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin 信息泄露漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-200 | 5.3 | Medium | 2025-12-20 |
| CVE-2025-14081 | WordPress plugin Ultimate Member 安全漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-863 | 4.3 | Medium | 2025-12-17 |
| CVE-2025-13217 | WordPress plugin Ultimate Member 跨站脚本漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-79 | 6.4 | Medium | 2025-12-17 |
| CVE-2025-1702 | WordPress plugin Ultimate Member SQL注入漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-89 | 7.5 | High | 2025-03-05 |
| CVE-2024-12276 | WordPress plugin Ultimate Member SQL注入漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-89 | 5.3 | Medium | 2025-02-21 |
| CVE-2025-0308 | WordPress plugin Ultimate Member SQL注入漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-89 | 7.5 | High | 2025-01-18 |
| CVE-2025-0318 | WordPress plugin Ultimate Member 信息泄露漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-200 | 5.3 | Medium | 2025-01-18 |
| CVE-2024-11204 | WordPress plugin ForumWP 跨站脚本漏洞 — ForumWP – Forum & Discussion BoardCWE-79 | 6.1 | Medium | 2024-12-06 |
| CVE-2024-10879 | WordPress plugin ForumWP 跨站脚本漏洞 — ForumWP – Forum & Discussion BoardCWE-79 | 6.1 | Medium | 2024-12-06 |
| CVE-2024-10880 | WordPress plugin JobBoardWP 跨站脚本漏洞 — JobBoardWP – Job Board Listings and SubmissionsCWE-79 | 6.1 | Medium | 2024-11-23 |
| CVE-2024-10528 | WordPress plugin Ultimate Member 安全漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-862 | 4.3 | Medium | 2024-11-21 |
| CVE-2024-8519 | WordPress plugin Ultimate Member 跨站脚本漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-79 | 6.4 | Medium | 2024-10-04 |
| CVE-2024-8520 | WordPress plugin Ultimate Member 安全漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-352 | 5.3 | Medium | 2024-10-04 |
| CVE-2024-8428 | WordPress plugin ForumWP 安全漏洞 — ForumWP – Forum & Discussion BoardCWE-639 | 8.8 | High | 2024-09-06 |
| CVE-2024-2765 | WordPress Plugin Ultimate Member 跨站脚本漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-79 | 5.4 | Medium | 2024-05-02 |
| CVE-2024-1071 | WordPress Plugin Ultimate Member 安全漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | 9.8 | Critical | 2024-03-13 |
| CVE-2024-2123 | WordPress Plugin Ultimate Member 安全漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-79 | 7.2 | High | 2024-03-13 |
| CVE-2022-3383 | WordPress plugin Ultimate Member 安全漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-94 | 7.2 | High | 2022-11-29 |
| CVE-2022-3384 | WordPress plugin Ultimate Member 安全漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-94 | 7.2 | High | 2022-11-29 |
| CVE-2022-3361 | WordPress plugin Ultimate Member 路径遍历漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-22 | 4.3 | Medium | 2022-11-29 |
| CVE-2022-1208 | WordPress plugin Ultimate Member 跨站脚本漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-79 | 6.4 | Medium | 2022-06-13 |
| CVE-2022-1209 | WordPress plugin Ultimate Member 输入验证错误漏洞 — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginCWE-601 | 4.3 | Medium | 2022-05-10 |
本页汇总了 ultimatemember 厂商截至目前公开的全部 29 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。