Description
Multiple Insecure Direct Object Reference vulnerabilities in includes/core/class-files.php in the Ultimate Member plugin through 2.1.2 for WordPress allow remote attackers to change other users' profiles and cover photos via a modified user_id parameter. This is related to ajax_image_upload and ajax_resize_image.