{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25357", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-02T12:52:48.541Z", "datePublished": "2026-03-25T16:14:44.726Z", "dateUpdated": "2026-03-26T17:07:53.985Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://codecanyon.net", "defaultStatus": "unaffected", "packageName": "indeed-membership-pro", "product": "Ultimate Membership Pro", "vendor": "azzaroco", "versions": [{"changes": [{"at": "13.7.1", "status": "unaffected"}], "lessThanOrEqual": "<= 13.7", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Phat RiO | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:24.761Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.<p>This issue affects Ultimate Membership Pro: from n/a through <= 13.7.</p>"}], "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through <= 13.7."}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "Authentication Abuse"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-288", "description": "Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:44.726Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/indeed-membership-pro/vulnerability/wordpress-ultimate-membership-pro-plugin-13-7-account-takeover-vulnerability?_s_id=cve"}], "title": "WordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T17:07:32.077061Z", "id": "CVE-2026-25357", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:07:53.985Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-25357", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-26T17:07:32.077061Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:06:51.137Z"}}], "cna": {"title": "WordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Phat RiO | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "Authentication Abuse"}]}], "affected": [{"vendor": "azzaroco", "product": "Ultimate Membership Pro", "versions": [{"status": "affected", "changes": [{"at": "13.7.1", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "<= 13.7"}], "packageName": "indeed-membership-pro", "collectionURL": "https://codecanyon.net", "defaultStatus": "unaffected"}], "datePublic": "2026-03-25T17:12:24.761Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/indeed-membership-pro/vulnerability/wordpress-ultimate-membership-pro-plugin-13-7-account-takeover-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through <= 13.7.", "supportingMedia": [{"type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.<p>This issue affects Ultimate Membership Pro: from n/a through <= 13.7.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-288", "description": "Authentication Bypass Using an Alternate Path or Channel"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:44.726Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25357", "state": "PUBLISHED", "dateUpdated": "2026-03-26T17:07:53.985Z", "dateReserved": "2026-02-02T12:52:48.541Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:44.726Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through <= 13.7."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n Usando una Ruta o Canal Alternativo en azzaroco Ultimate Membership Pro indeed-membership-pro permite Abuso de Autenticaci\u00f3n. Este problema afecta a Ultimate Membership Pro: desde n/a hasta &lt;= 13.7."}], "id": "CVE-2026-25357", "lastModified": "2026-03-26T18:16:28.443", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:16:46.743", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/indeed-membership-pro/vulnerability/wordpress-ultimate-membership-pro-plugin-13-7-account-takeover-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-288"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,13.7]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Ultimate Membership Pro", "source": "cna", "vendor": "azzaroco"}, "product": "ultimate_membership_pro", "vendor": "azzaroco"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-25T18:56:28.012485+00:00", "value": {"mitigation_remediation": ["Verify the installed version of the Ultimate Membership Pro plugin; if it is 13.7 or earlier, update to the latest available release or remove the plugin if no newer version exists.", "If an upgrade cannot be performed immediately, restrict the plugin\u2019s access to a trusted set of administrators and disable or limit any functionality that is not essential to site operations.", "Enable two\u2011factor authentication for all privileged accounts that interact with the membership system to reduce the risk of credential compromise.", "Monitor authentication logs for repeated failed or suspicious login attempts that may indicate exploitation attempts.", "Regularly check the vendor\u2019s website or security advisories for new patches and apply them as soon as they become available."], "summary": {"action": "Upgrade Plugin", "impact": "Authentication bypass leading to account takeover"}, "threat_synthesis": {"affected_systems": "The vulnerability impacts the WordPress Ultimate Membership Pro plugin supplied by azzaroco. All releases from the earliest available version up through version 13.7 are susceptible; no specific sub\u2011versions are listed beyond the upper bound of 13.7. WordPress sites that have installed any of these plugin versions are at risk; newer releases beyond 13.7 are not affected based on the information provided.", "description_and_impact": "An authentication bypass exists in the Ultimate Membership Pro plugin that allows an attacker to authenticate through an alternate path or channel, effectively granting them access to a user account without following the standard login flow. The issue is classified under CWE\u2011288 and exposes the system to unauthorized account takeover. If exploited, an attacker could assume the privileges of the compromised account, potentially accessing sensitive membership information or, if the account has administrative rights, modifying site content, changing configuration settings, or conducting further attacks from the compromised account.", "risk_and_exploitability": "No CVSS score or EPSS estimate is available, and the vulnerability is not listed in the CISA KEV catalog. It is inferred that the attack vector would involve sending web requests to the plugin\u2019s authentication endpoints or to an undisclosed alternate path that bypasses normal authentication checks, requiring only network access to the WordPress installation. Because the exploitation path is described as an alternate channel, the barrier to entry may be low, but the lack of published proof of exploitation means the real-world likelihood is uncertain. Nonetheless, account takeover poses significant confidentiality, integrity, and availability risks for a site that relies on this plugin for member management."}}}}, "created": "2026-03-25T21:44:55.897593+00:00", "updated": "2026-03-26T11:38:50.713457+00:00", "vendors": ["azzaroco", "azzaroco$PRODUCT$ultimate_membership_pro", "wordpress", "wordpress$PRODUCT$wordpress"]}