WordPress Ultimate Member Plugin Vulnerability - CVE-2025-0318 - Vulnerability Database

WordPress Ultimate Member Plugin Vulnerability - CVE-2025-0318

Medium
Reference: CVE-2025-0318
Title: WordPress Ultimate Member Plugin Vulnerability
Overview:

The Ultimate Member User Profile Registration Login Member Directory Content Restriction amp Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 2.9.1 through different error messages in the responses. This makes it possible for unauthenticated attackers to exfiltrate data from wp_usermeta table.