Ultimate Member WordPress Plugin Second-Order SQL Injection Vulnerability

Vulnerability

A second-order SQL injection vulnerability has been identified in the Ultimate Member WordPress plugin, affecting all versions up to and including 2.9.2. The plugin does not adequately escape a user-supplied value and does not sufficiently prepare the SQL query that later reuses it. Because the injection is second-order, the payload does nothing at the moment it is submitted: an authenticated attacker who can upload files and control their filenames (for example through a third-party file manager plugin) stores a crafted filename, and the injected SQL runs only later, when the plugin builds a query from that stored name. The attacker can thereby append additional SQL to the plugin's own query and extract sensitive information from the database. The risk is considered low, because exploitation requires both an authenticated account and a way to set arbitrary filenames, which Ultimate Member does not provide on its own.
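The pattern described above, as an added illustration rather than code from the Ultimate Member plugin: Python's sqlite3 stands in for WordPress's $wpdb, the tables, rows and password hashes are constructed sample data, and the payload shown is an assumed UNION-style filename, not the one used against the plugin. The filename is written safely with a bound parameter, which is why the crafted value survives into the table; the bug is in the later query that trusts the stored value and concatenates it. The hardened function shows the same lookup with the stored value bound as data.

```python
import sqlite3

# Added example, not code from the Ultimate Member plugin. It reproduces the
# bug class described above with sqlite3 standing in for WordPress's $wpdb:
# a filename is stored safely, then trusted and concatenated into a later
# query. The tables, rows, hashes and payload are constructed for the demo.

PAYLOAD = "x' UNION SELECT login, password_hash FROM users -- "


def setup_db():
    """Create an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE uploads (id INTEGER PRIMARY KEY, user_id INTEGER, filename TEXT);
        CREATE TABLE users (id INTEGER PRIMARY KEY, login TEXT, password_hash TEXT);
        INSERT INTO users VALUES (1, 'admin', 'hash-admin-constructed');
        INSERT INTO users VALUES (2, 'alice', 'hash-alice-constructed');
        """
    )
    return conn


def store_upload(conn, user_id, filename):
    """First order: the name is written with a bound parameter, so this
    step is safe and the crafted name lands in the table unchanged."""
    cur = conn.execute(
        "INSERT INTO uploads (user_id, filename) VALUES (?, ?)", (user_id, filename)
    )
    conn.commit()
    return cur.lastrowid


def find_by_upload_id_vulnerable(conn, upload_id):
    """Second order, vulnerable: the stored name is treated as trusted and
    spliced into SQL. A name carrying a UNION appends the attacker's
    query to the plugin's own and returns rows from another table."""
    (filename,) = conn.execute(
        "SELECT filename FROM uploads WHERE id = ?", (upload_id,)
    ).fetchone()
    sql = "SELECT id, filename FROM uploads WHERE filename = '" + filename + "'"
    return conn.execute(sql).fetchall()


def find_by_upload_id_hardened(conn, upload_id):
    """Same lookup with the stored value bound as a parameter: the crafted
    name is compared as data, so only the matching upload row comes back."""
    (filename,) = conn.execute(
        "SELECT filename FROM uploads WHERE id = ?", (upload_id,)
    ).fetchone()
    return conn.execute(
        "SELECT id, filename FROM uploads WHERE filename = ?", (filename,)
    ).fetchall()


if __name__ == "__main__":
    db = setup_db()
    store_upload(db, 7, "report.pdf")
    crafted_id = store_upload(db, 7, PAYLOAD)
    print("vulnerable:", find_by_upload_id_vulnerable(db, crafted_id))
    print("hardened:  ", find_by_upload_id_hardened(db, crafted_id))
```

The point a reviewer should take from this is that escaping at upload time is not a fix on its own: any value read back from the database and reused in SQL has to be bound as a parameter at the point of reuse. In WordPress that means passing the stored value through `$wpdb->prepare()` with a placeholder rather than interpolating it into the query string.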

Impact

Successful exploitation lets an authenticated attacker append their own SQL to a query the plugin already runs, which can expose sensitive information held in the WordPress database.

Remediation

Update the Ultimate Member WordPress plugin to version 2.10.0 or a later patched release. Until the update is applied, review which authenticated roles can upload files and rename them, in particular through any third-party file manager plugin, since that capability is the precondition for exploitation.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread          6.4
impact          2.5
exploitability  6.1
remediation     7.7
relevance       0.0
threat          3.2
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.