Description
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This makes it possible for unauthenticated attackers to exfiltrate data from wp_usermeta table.
Published: 2025-01-18
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Exposure
Action: Apply Patch
AI Analysis

Impact

The vulnerability affects the Ultimate Member plugin for WordPress up to and including version 2.9.1 and stems from error messages in the plugin's responses that differ in a way that reveals sensitive data. An unauthenticated attacker can trigger these messages to read entries from the wp_usermeta table, which contains user account metadata such as passwords, capabilities and personal information. If exploited, the attacker would obtain confidential data about site users that could be used for account takeover or social engineering.

Affected Systems

WordPress sites running version 2.9.1 or earlier of the Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin are affected. The plugin is identified by the CPE string cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*.

Risk and Exploitability

The CVSS score of 5.3 indicates medium severity. The EPSS score of less than 1% indicates that the likelihood of exploitation in the wild is low, and the vulnerability is not listed in CISA's KEV catalog. Nonetheless, the potential for unauthorized data exposure means the risk is not negligible, especially on sites holding sensitive user data. Exploitation requires no authentication, only the ability to send the error-producing requests to the plugin's form handling endpoint.

Generated by OpenCVE AI on April 22, 2026 at 13:32 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Ultimate Member plugin to version 2.9.2 or later to remove the error-based information disclosure.
  • If an upgrade is not immediately feasible, disable the plugin or remove it from the WordPress installation so that the vulnerable code cannot run.
  • After updating or disabling the plugin, review the wp_usermeta table and disconnect any legacy entries that were potentially exposed, and ensure that database access permissions are restricted to the minimum WordPress requires.



Advisories
Source: EUVD
ID: EUVD-2025-1601
Title: The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This makes it possible for unauthenticated attackers to exfiltrate data from wp_usermeta table.
History

Tue, 25 Feb 2025 22:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Ultimatemember; Ultimatemember ultimate Member
Weaknesses | | NVD-CWE-noinfo
CPEs | | cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*
Vendors & Products | | Ultimatemember; Ultimatemember ultimate Member

Wed, 22 Jan 2025 15:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 18 Jan 2025 05:45:00 +0000

Type | Values Removed | Values Added
Description | | The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This makes it possible for unauthenticated attackers to exfiltrate data from wp_usermeta table.
Title | | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.9.1 - Information Exposure
Weaknesses | | CWE-200
References | |
Metrics | | cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T16:51:55.551Z

Reserved: 2025-01-07T22:50:30.349Z

Link: CVE-2025-0318

Vulnrichment

Updated: 2025-01-22T14:19:22.573Z

NVD

Status: Analyzed

Published: 2025-01-18T06:15:28.017

Modified: 2025-02-25T22:09:05.680

Link: CVE-2025-0318

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T13:45:18Z

Weaknesses