Ultimatemember Forumwp — known CVE vulnerabilities
Every CVE whose affected-product data names Ultimatemember Forumwp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-54367 — CVSS 9.8 (critical): Deserialization of Untrusted Data vulnerability in Ultimate Member ForumWP forumwp allows Object Injection.This issue affects ForumWP: from…
CVE-2024-8428 — CVSS 8.8 (high): The ForumWP – Forum & Discussion Board Plugin plugin for WordPress is vulnerable to Privilege Escalation via Insecure Direct Object…
CVE-2024-10879 — CVSS 6.1 (medium): The ForumWP – Forum & Discussion Board plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of…
CVE-2024-11204 — CVSS 6.1 (medium): The ForumWP – Forum & Discussion Board plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘url’ parameter…