VYPR

Ultimate Member Widgets For Elementor

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-66116HigDec 18, 2025
    risk 0.49cvss 7.5epss 0.00

    Insertion of Sensitive Information Into Sent Data vulnerability in UserElements Ultimate Member Widgets for Elementor ultimate-member-widgets-for-elementor allows Retrieve Embedded Sensitive Data.This issue affects Ultimate Member Widgets for Elementor: from n/a through <= 2.3.

  • CVE-2025-12778MedNov 20, 2025
    risk 0.27cvss 5.3epss 0.00

    The Ultimate Member Widgets for Elementor – WordPress User Directory plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handle_filter_users function in all versions up to, and including, 2.3. This makes it possible for…