CVE-2025-14081 | Ultimate Member Plugin up to 2.11.0 on WordPress Setting required_perm access control

Inserito da Angelo Barbosa | Dic 17, 2025 | CVE

A vulnerability labeled as critical has been found in Ultimate Member Plugin up to 2.11.0 on WordPress. Affected is the function required_perm of the component Setting Handler. Such manipulation leads to improper access controls.

This vulnerability is uniquely identified as CVE-2025-14081. The attack can be launched remotely. No exploit exists.

CVE-2025-14081 | Ultimate Member Plugin up to 2.11.0 on WordPress Setting required_perm access control

Post correlati

CVE-2022-48664 | Linux Kernel up to 5.10.146/5.15.70/5.19.11/6.0 btrfs cow_file_range_inline denial of service

CVE-2025-53547 | Helm up to 3.18.3 code injection (GHSA-557j-xg8c-q2mm)

CVE-2024-36935 | Linux Kernel up to 6.8.9 ice memdup_user_nul null termination (5ff4de981983/666854ea9cad)

CVE-2025-12281 | code-projects Client Details System 1.0 /admin/clientview.php cross site scripting