Vulnerabilities > Ultimatemember > Ultimate Member > 2.5.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-17 | CVE-2023-31216 | Cross-Site Request Forgery (CSRF) vulnerability in Ultimatemember Ultimate Member Cross-Site Request Forgery (CSRF) vulnerability in Ultimate Member plugin <= 2.6.0 versions. | 8.8 |
| 2023-07-04 | CVE-2023-3460 | Unspecified vulnerability in Ultimatemember Ultimate Member The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. | 9.8 |