Description
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.6. This is due to missing or incorrect nonce validation on the admin_init or user_action_hook function. This makes it possible for unauthenticated attackers to modify a user's membership status via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
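The following is an added illustration of the bug class named above, written for this page; it is not code from the Ultimate Member plugin or from the advisory. The hook name `admin_init` is the real WordPress hook, but the function names, the `example_membership_action`, `user_id` and `status` request parameters, the user-meta key and the status values are all assumptions chosen for the example. It shows a handler that updates a membership status on the strength of request parameters alone (the CSRF-prone pattern), beside the same handler guarded by a nonce bound to the action and user plus a capability check, and the helper that mints the nonce-carrying link so that only links the site itself rendered for the administrator's session are accepted.

```php
<?php
// Added example (not the plugin's code). Hook: WordPress 'admin_init'.
// Function names, parameters, meta key and status values are hypothetical.

// CSRF-prone pattern: the handler trusts request parameters alone, so any
// request an administrator's browser can be induced to send is honoured.
function example_membership_action_unsafe() {
    if ( empty( $_GET['example_membership_action'] ) ) {
        return;
    }
    $user_id = absint( $_GET['user_id'] );
    $status  = sanitize_key( $_GET['status'] );
    update_user_meta( $user_id, 'example_membership_status', $status );
}

// Hardened pattern: verify a nonce tied to this action and user, then check
// that the current user is actually allowed to edit users, then validate input.
function example_membership_action_safe() {
    if ( empty( $_GET['example_membership_action'] ) ) {
        return;
    }
    $user_id = absint( $_GET['user_id'] );

    // check_admin_referer() validates the _wpnonce parameter for the named
    // action and stops execution with an error page when it does not match.
    check_admin_referer( 'example_membership_status_' . $user_id );

    if ( ! current_user_can( 'edit_users' ) ) {
        wp_die( esc_html__( 'Insufficient permissions.' ) );
    }

    $allowed = array( 'approved', 'pending', 'rejected' ); // assumed status set
    $status  = sanitize_key( $_GET['status'] );
    if ( ! in_array( $status, $allowed, true ) ) {
        wp_die( esc_html__( 'Invalid status.' ) );
    }

    update_user_meta( $user_id, 'example_membership_status', $status );
}
add_action( 'admin_init', 'example_membership_action_safe' );

// Link generation: wp_nonce_url() appends a _wpnonce bound to the same action
// string the handler checks, so only links rendered by the site for this
// logged-in administrator will pass check_admin_referer() above.
function example_membership_link( $user_id, $status ) {
    $url = add_query_arg(
        array(
            'example_membership_action' => 1,
            'user_id'                   => absint( $user_id ),
            'status'                    => sanitize_key( $status ),
        ),
        admin_url( 'users.php' )
    );
    return wp_nonce_url( $url, 'example_membership_status_' . $user_id );
}
```

The nonce check is what defeats the forged request: a link crafted off-site cannot carry a valid `_wpnonce` for the administrator's session, so the handler aborts before `update_user_meta()` runs. The capability check is a separate control and does not substitute for the nonce, since a CSRF request is sent by a browser that already holds an administrator's cookies.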
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Forum Server 'edit_post_id' Parameter SQL Injection (1.7)
Oracle JRE CVE-2013-2461 Vulnerability (CVE-2013-2461)
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.5)
WordPress Plugin Cherry Cross-Site Scripting (1.2.8.1)
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-1814)