cleantalk
Vulnerabilities and Security Researches

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin, CVE-2023-31216

CVE, Research URL

CVE-2023-31216

Home page URL

Security reports for Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin

Application

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin

Published on
Jul 17, 2023
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Ultimate Member plugin <= 2.6.0 versions.
Affected versions
max 2.6.7.
Status
vulnerable
Previous vulnerability researches
Video &amp; Photo Gallery for Ultimate Member (CVE-2025-32121) , Apr 06, 2025
Video &amp; Photo Gallery for Ultimate Member (CVE-2024-12162) , Dec 13, 2024
Video &amp; Photo Gallery for Ultimate Member (CVE-2024-54370) , Dec 18, 2024
Video &amp; Photo Gallery for Ultimate Member (CVE-2025-22672) , Feb 20, 2025
BuddyForms Ultimate Member (893cfcf44e3c079784f666e461a667cb4f6e2761) , Jun 06, 2024
New vulnerability
The Plus Addons for Elementor (CVE-2026-2385) , Apr 15, 2026
The Plus Addons for Elementor (CVE-2026-2386) , Apr 15, 2026
Photo Gallery by 10Web &#8211; Mobile-Friendly Image Gallery (CVE-2026-1036) , Apr 15, 2026
Secure Copy Content Protection and Content Locking (CVE-2026-1320) , Apr 15, 2026
Secure Copy Content Protection and Content Locking (CVE-2026-2367) , Apr 15, 2026