[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fo6UpiRvnUJE7YldiTJNZuF3p84NaV6bCWOXO3IUHALI":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2025-14081","ultimate-member-authenticated-subscriber-profile-privacy-setting-bypass","Ultimate Member \u003C= 2.11.0 - Authenticated (Subscriber+) Profile Privacy Setting Bypass","The Ultimate Member plugin for WordPress is vulnerable to Profile Privacy Setting Bypass in all versions up to, and including, 2.11.0. This is due to a flaw in the secure fields mechanism where field keys are stored in the allowed fields list before the `required_perm` check is applied during rendering. This makes it possible for authenticated attackers with Subscriber-level access to modify their profile privacy settings (e.g., setting profile to \"Only me\") via direct parameter manipulation, even when the administrator has explicitly disabled the option for their role.","ultimate-member",null,"\u003C=2.11.0","2.11.1","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Incorrect Authorization","2025-12-16 00:00:00","2025-12-17 18:21:35",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Faad57a68-c385-491f-a5a2-32906df4b52b?source=api-prod",2]