CVE-2026-1404 | Ultimate Member Plugin up to 2.11.1 on WordPress Filter filter_first_name cross site scripting

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability has been found in Ultimate Member Plugin up to 2.11.1 on WordPress and classified as problematic. This affects the function filter_first_name of the component Filter Handler. This manipulation causes cross site scripting.

This vulnerability is tracked as CVE-2026-1404. The attack is possible to be carried out remotely. No exploit exists.

CVE-2026-1404 | Ultimate Member Plugin up to 2.11.1 on WordPress Filter filter_first_name cross site scripting

Post correlati

CVE-2024-22569 | POSCMS 4.6.2 index.php cross site scripting

CVE-2024-41803 | xibosignage xibo-cms up to 3.3.11/4.0.13 sql injection (GHSA-hpc5-mxfq-44hv)

CVE-2024-9296 | SourceCodester Advocate Office Management System 1.0 /control/forgot_pass.php username sql injection

CVE-2023-24052 | Connectize AC21000 G6 641.139.1.1256 password recovery