๐Ÿ” CVE Alert

CVE-2026-11766

HIGH 8.0

Ultimate Member < 2.12.0 - Subscriber+ Stored XSS via Custom Textarea Profile Fields

CVSS Score
8.0
EPSS Score
0.0%
EPSS Percentile
0th

The Ultimate Member WordPress plugin before 2.12.0 does not properly sanitise and escape the value of custom textarea profile fields before outputting it on user profiles, allowing authenticated users with Subscriber-level access and above to store JavaScript that executes when any user, including an administrator, views the affected profile.

Vendor unknown
Product ultimate member
Published Jul 6, 2026
Last Updated Jul 6, 2026
Stay Ahead of the Next One

Get instant alerts for unknown ultimate member

Be the first to know when new high vulnerabilities affecting unknown ultimate member are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Unknown / Ultimate Member
0 < 2.12.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
wpscan.com: https://wpscan.com/vulnerability/96adb2d3-af34-4455-97d4-90af58049e78/

Credits

Meher Sudhakar Abbireddi WPScan