High severity8.8NVD Advisory· Published Apr 23, 2018· Updated Jun 17, 2026
CVE-2018-10233
CVE-2018-10233
Description
The User Profile & Membership plugin before 2.0.7 for WordPress has no mitigations implemented against cross site request forgery attacks. This is a structural finding throughout the entire plugin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2.0.7
- Range: <2.0.7
Patches
Vulnerability mechanics
References
3- github.com/RiieCco/write-ups/tree/master/CVE-2018-10233nvdThird Party Advisory
- wordpress.org/plugins/ultimate-member/nvdThird Party Advisory
- wpvulndb.com/vulnerabilities/9611nvd
News mentions
0No linked articles in our index yet.