{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "2.9.0" } ] }, "events": [ { "introduced": "0" }, { "fixed": "ac62824455b070c7aedac12a3c62529a82ad6f67" } ], "repo": "https://github.com/ultimatemember/ultimatemember", "type": "GIT" } ] } ], "details": "The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction \u0026 Membership Plugin plugin for WordPress is vulnerable to unauthorized profile picture updates due to a missing capability check on the wp_ajax_um_resize_image() and ajax_resize_image() functions in all versions up to, and including, 2.8.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the profile pictures of other users.", "id": "CVE-2024-10528", "modified": "2026-04-01T23:08:05.286902872Z", "published": "2024-11-21T11:15:19.133Z", "references": [ { "type": "WEB", "url": "https://github.com/ultimatemember/ultimatemember/blob/ab05bc570a8ba6449cd470791be1c0670eb9c203/includes/core/class-files.php#L332" }, { "type": "WEB", "url": "https://github.com/ultimatemember/ultimatemember/blob/ab05bc570a8ba6449cd470791be1c0670eb9c203/includes/core/class-files.php#L371" }, { "type": "ADVISORY", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0a9793b6-2186-46ef-b204-d8f8f154ebf3?source=cve" }, { "type": "FIX", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3186722%40ultimate-member\u0026new=3186722%40ultimate-member\u0026sfp_email=\u0026sfph_mail=" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "type": "CVSS_V3" } ] }