Product: Ultimate Member – User Profile & Membership Plugin

Version: 2.0.27 or earlier

URL: https://wordpress.org/plugins/ultimate-member/

Potential users affected: 100.000+

CVE: CVE-2018-17866

Ultimate Member

Ultimate Member is one of the many user profile & membership plugins for WordPress. The plugin makes it a breeze for users to sign-up and become members of your website. The plugin allows you to add user profiles to your site and is suitable for creating advanced online communities and membership sites. Lightweight and highly extendible, Ultimate Member will enable you to create almost any type of site where users can join and become members with absolute ease.

Description

Multiple cross-site scripting (XSS) vulnerabilities in includes/core/um-actions-login.php in the “Ultimate Member - User Profile & Membership” plugin through 2.0.27 for WordPress allow remote attackers to inject arbitrary web script or HTML via the “Primary button Text” or “Second button text” field.

Vulnerability Type

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) (CWE-79)
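As an added illustration (not code from the Ultimate Member plugin or from the advisory author), the following shows the CWE-79 output pattern behind a settings-driven button label and the escaped form that closes it. The option key, function names, CSS class and sample value are hypothetical; outside WordPress the block falls back to htmlspecialchars() stand-ins for the core esc_attr()/esc_html() functions.

```php
<?php
// Added illustrative example, not code from the Ultimate Member plugin.
// Shows why a saved button label is a stored XSS sink when echoed raw
// (the CWE-79 pattern above) and the escaped form that fixes it.

// Stand-ins so the file runs on plain PHP; inside WordPress the core
// functions with these names are used instead.
if ( ! function_exists( 'esc_attr' ) ) {
    function esc_attr( $text ) { return htmlspecialchars( (string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' ); }
    function esc_html( $text ) { return htmlspecialchars( (string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' ); }
}

// Constructed stand-in for a persisted admin setting (hypothetical option key).
// Whoever can submit the settings form can store quotes and markup here.
$settings = array(
    'primary_btn_text' => 'Login" onmouseover="alert(1)',
);

// VULNERABLE: the label is concatenated into an attribute and into element
// text with no escaping, so the stored string breaks out of value="...".
function render_login_button_unsafe( array $settings ) {
    $label = $settings['primary_btn_text'];
    return '<input type="submit" value="' . $label . '" />'
         . '<span class="um-alt">' . $label . '</span>';
}

// HARDENED: escape at output for the exact context: esc_attr() inside an
// attribute value, esc_html() inside a text node. Quotes become &quot; and
// angle brackets become &lt;/&gt;, so the value can only render as text.
function render_login_button_safe( array $settings ) {
    $label = $settings['primary_btn_text'];
    return '<input type="submit" value="' . esc_attr( $label ) . '" />'
         . '<span class="um-alt">' . esc_html( $label ) . '</span>';
}

echo render_login_button_unsafe( $settings ), PHP_EOL;
echo render_login_button_safe( $settings ), PHP_EOL;
```

Run with `php example.php`: the first line of output carries the injected attribute intact, the second renders the same stored value as inert text.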

Proof of Concept

Timelapse