CVE-2023-31216

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-31216

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-31216.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-31216

Published

2023-07-17T14:15:10.383Z

Modified

2025-11-20T12:17:30.028540Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Cross-Site Request Forgery (CSRF) vulnerability in Ultimate Member plugin <= 2.6.0 versions.

References

https://patchstack.com/database/vulnerability/ultimate-member/wordpress-ultimate-member-plugin-2-6-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Affected packages

Git / github.com/ultimatemember/ultimatemember

Affected ranges

Type: GIT
Repo: https://github.com/ultimatemember/ultimatemember
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

b60e8aa38a056d36ff6dd844a1d979ca14403398

Affected versions

1.*

1.3.48

1.3.59

1.3.88

1.3.88.4

1.3.88.5

1.3.88.6

2.*

2.0

2.0.10

2.0.11

2.0.12

2.0.13

2.0.14

2.0.15

2.0.16

2.0.17

2.0.18

2.0.19

2.0.21

2.0.22

2.0.23

2.0.24

2.0.26

2.0.29

2.0.30

2.0.31

2.0.32

2.0.33

2.0.34

2.0.35

2.0.37

2.0.38

2.0.39

2.0.4

2.0.41

2.0.43

2.0.44

2.0.45

2.0.46

2.0.47

2.0.48

2.0.49

2.0.5

2.0.50

2.0.51

2.0.52

2.0.53

2.0.54

2.0.55

2.0.56

2.0.9

2.1.0

2.1.0-rc.1

2.1.0-rc.2

2.1.1

2.1.10

2.1.11

2.1.12

2.1.13

2.1.14

2.1.15

2.1.16

2.1.17

2.1.18

2.1.19

2.1.2

2.1.2-rc.1

2.1.20

2.1.21

2.1.3

2.1.3-rc.1

2.1.4

2.1.5

2.1.6

2.1.7

2.1.8

2.1.9

2.2.0

2.2.1

2.2.2

2.2.3

2.2.4

2.2.5

2.3.0

2.3.1

2.3.2

2.4.0

2.4.1

2.4.2

2.5.0

2.5.1

2.5.2

2.5.3

2.5.4

2.6.0

pre-v1.*

pre-v1.3.50

pre-v1.3.69.16

pre-v1.3.69.17

pre-v1.3.69.18

pre-v1.3.69.19

pre-v1.3.69.20

pre-v1.3.69.21

pre-v1.3.69.22

pre-v1.3.69.23

pre-v1.3.69.24

pre-v1.3.69.25

v1.*

v1.3.29

v1.3.30

v1.3.32

v1.3.35

v1.3.36

v1.3.37

v1.3.38

v1.3.39

v1.3.40

v1.3.41

v1.3.42

v1.3.43

v1.3.44

v1.3.45

v1.3.47

v1.3.49

v1.3.51

v1.3.52

v1.3.53

v1.3.54

v1.3.55

v1.3.56

v1.3.60

v1.3.61

v1.3.62

v1.3.63

v1.3.64

v1.3.65

v1.3.66

v1.3.67

v1.3.68

v1.3.69

v1.3.71

v1.3.72

v1.3.73

v1.3.74

v1.3.75

v1.3.76

v1.3.78

v1.3.79

v1.3.81

v1.3.82

v1.3.83

v1.3.84

v1.3.88.1

v1.3.88.2

v1.3.88.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-31216.json"