Medium severity5.3NVD Advisory· Published Jan 18, 2025· Updated Jun 17, 2026
CVE-2025-0318
CVE-2025-0318
Description
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This makes it possible for unauthenticated attackers to exfiltrate data from wp_usermeta table.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<=2.9.1+ 1 more
- (no CPE)range: <=2.9.1
- (no CPE)
- ultimatemember/Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Pluginv5Range: 0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.