{"id":"CVE-2018-20965","details":"The ultimate-member plugin before 2.0.4 for WordPress has XSS.","modified":"2026-04-10T04:07:44.147369Z","published":"2019-08-12T16:15:13.790Z","references":[{"type":"ADVISORY","url":"https://wordpress.org/plugins/ultimate-member/#developers"},{"type":"ADVISORY","url":"https://wpvulndb.com/vulnerabilities/9608"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ultimatemember/ultimatemember","events":[{"introduced":"0"},{"fixed":"ae980d610bae82e2eec4d7b9f45f307c49dd549e"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.0.4"}]}}],"versions":["1.3.48","1.3.59","1.3.88","1.3.88.4","1.3.88.5","1.3.88.6","pre-v1.3.50","pre-v1.3.69.16","pre-v1.3.69.17","pre-v1.3.69.18","pre-v1.3.69.19","pre-v1.3.69.20","pre-v1.3.69.21","pre-v1.3.69.22","pre-v1.3.69.23","pre-v1.3.69.24","pre-v1.3.69.25","v1.3.29","v1.3.30","v1.3.32","v1.3.35","v1.3.36","v1.3.37","v1.3.38","v1.3.39","v1.3.40","v1.3.41","v1.3.42","v1.3.43","v1.3.44","v1.3.45","v1.3.47","v1.3.49","v1.3.51","v1.3.52","v1.3.53","v1.3.54","v1.3.55","v1.3.56","v1.3.60","v1.3.61","v1.3.62","v1.3.63","v1.3.64","v1.3.65","v1.3.66","v1.3.67","v1.3.68","v1.3.69","v1.3.71","v1.3.72","v1.3.73","v1.3.74","v1.3.75","v1.3.76","v1.3.78","v1.3.79","v1.3.81","v1.3.82","v1.3.83","v1.3.84","v1.3.88.1","v1.3.88.2","v1.3.88.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20965.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}