Checked on April 9, 2025

Plugin Contains Vulnerability:

The current version of the plugin Ultimate Member contains a known vulnerability. If you were a subscriber of our service you would have already been alerted if you were using an affected version. You can sign up for a free trial of our service to get the details of the vulnerability.

Possible Issue Detected:

• The plugin registers one or more AJAX actions to be accessible whether the requester is logged in to WordPress or not. Those registrations should be checked to make sure that they are intended to be accessed by those not logged in.

Subscribers of our service are able to see the details of the possible issue identified above. Alongside that, any issues that we have already checked on will be noted. You can sign up for the service for free here. For existing subscribers, once you are logged in to your account, return to this page to access that functionality.

You should not be contacting the developer of the plugin with these results as they only indicate a possible issues. Instead, someone with the proper expertise should review the plugin to determine if there is in fact an issue before contacting the developer about a confirmed issue, so their time is not taken up unnecessarily.

The plugin may contain security issues that cannot be found by this tool. Paying subscribers of our service can suggest/vote for the plugin to receive a thought security review from us for no additional cost. If you want to get a review done right away, our price to do that for version 2.10.2 of the plugin would be $1800 USD.

Plugin Security Scorecard Grade:

Plugin Information

• Slug: ultimate-member
• Version: 2.10.2

---

Check Plugin in WordPress Plugin Directory

Choose WordPress plugin available in the Plugin Directory to check by searching on its name or slug:

Check Plugin in ClassicPress Plugin Directory

Choose ClassicPress plugin available in the Plugin Directory to check by searching on its name or slug:

Check Other Plugin

Subscribers of our service can submit ZIP files of other plugins to have them checked. You can sign up for a free trial of the service here. For existing subscribers, once you are logged in to your account, return to this page to access that functionality.

The results of these scans will not be logged.