CVE-2025-0318

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This makes it possible for unauthenticated attackers to exfiltrate data from wp_usermeta table.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.9.1/includes/core/um-actions-form.php#L944	Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/4ee149bf-ffa3-4906-8be2-9c3c40b28287?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*

History

25 Feb 2025, 22:09

Type	Values Removed	Values Added
CPE		cpe:2.3:a:ultimatemember:ultimate_member::::::wordpress::*
CWE		NVD-CWE-noinfo
References	~~() https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.9.1/includes/core/um-actions-form.php#L944 -~~	() https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.9.1/includes/core/um-actions-form.php#L944 - Product
References	~~() https://www.wordfence.com/threat-intel/vulnerabilities/id/4ee149bf-ffa3-4906-8be2-9c3c40b28287?source=cve -~~	() https://www.wordfence.com/threat-intel/vulnerabilities/id/4ee149bf-ffa3-4906-8be2-9c3c40b28287?source=cve - Third Party Advisory
Summary		(es) El complemento Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin para WordPress es vulnerable a la exposición de información en todas las versiones hasta incluida, 2.9.1 a través de diferentes mensajes de error en las respuestas. Esto permite que atacantes no autenticados extraigan datos de la tabla wp_usermeta.
First Time		Ultimatemember Ultimatemember ultimate Member

18 Jan 2025, 06:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-18 06:15

Updated : 2025-02-25 22:09

NVD link : CVE-2025-0318

Mitre link : CVE-2025-0318

CVE.ORG link : CVE-2025-0318

JSON object : View

Products Affected

ultimatemember

ultimate_member

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-noinfo

{"id": "CVE-2025-0318", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2025-01-18T06:15:28.017", "references": [{"url": "https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.9.1/includes/core/um-actions-form.php#L944", "tags": ["Product"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ee149bf-ffa3-4906-8be2-9c3c40b28287?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The Ultimate Member \u2013 User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This makes it possible for unauthenticated attackers to exfiltrate data from wp_usermeta table."}, {"lang": "es", "value": "El complemento Ultimate Member \u2013 User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta incluida, 2.9.1 a trav\u00e9s de diferentes mensajes de error en las respuestas. Esto permite que atacantes no autenticados extraigan datos de la tabla wp_usermeta."}], "lastModified": "2025-02-25T22:09:05.680", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "62D6973F-EEC4-49AE-A90D-06EE59EB3287", "versionEndExcluding": "2.9.2"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}

5.3 /10