CVE-2025-13217 | Ultimate Member Plugin up to 2.11.0 on WordPress um_profile_field_filter_hook__youtube_video Value cross site scripting

Inserito da Angelo Barbosa | Dic 17, 2025 | CVE

A vulnerability marked as problematic has been reported in Ultimate Member Plugin up to 2.11.0 on WordPress. Affected by this vulnerability is the function um_profile_field_filter_hook__youtube_video. Performing manipulation of the argument Value results in cross site scripting.

This vulnerability was named CVE-2025-13217. The attack may be initiated remotely. There is no available exploit.

CVE-2025-13217 | Ultimate Member Plugin up to 2.11.0 on WordPress um_profile_field_filter_hook__youtube_video Value cross site scripting

Post correlati

CVE-2025-62820 | Slack Nebula up to 1.9.6 Source IP Address unprotected alternate channel

CVE-2023-48914 | Dreamer CMS 4.1.3 /admin/archives/add cross-site request forgery

CVE-2024-44193 | Apple iTunes up to 12.12.2 on Windows Local Privilege Escalation

CVE-2024-56715 | Linux Kernel up to 6.1.121/6.6.67/6.12.6 ionic register_netdev Privilege Escalation