This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Ultimatemember
  • Ultimate Member
Wordpress
  • Wordpress

No data.

No data.

References

No reference.

History

Tue, 21 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
Title WordPress Ultimate Member plugin <= 2.11.3 - Broken Access Control vulnerability
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 21 Apr 2026 11:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-862
References

Tue, 21 Apr 2026 11:15:00 +0000

Type Values Removed Values Added
Description Missing Authorization vulnerability in Ultimate Member Ultimate Member ultimate-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Member: from n/a through <= 2.11.3. This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Thu, 09 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 08 Apr 2026 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Ultimatemember
Ultimatemember ultimate Member
Wordpress
Wordpress wordpress
Vendors & Products Ultimatemember
Ultimatemember ultimate Member
Wordpress
Wordpress wordpress

Wed, 08 Apr 2026 08:45:00 +0000

Type Values Removed Values Added
Description Missing Authorization vulnerability in Ultimate Member Ultimate Member ultimate-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Member: from n/a through <= 2.11.3.
Title WordPress Ultimate Member plugin <= 2.11.3 - Broken Access Control vulnerability
Weaknesses CWE-862
References
cve-icon MITRE

Status: REJECTED

Assigner: Patchstack

Published: 2026-04-08T08:30:36.852Z

Updated: 2026-04-21T10:53:33.975Z

Reserved: 2026-04-07T10:57:53.260Z

Link: CVE-2026-39659

cve-icon Vulnrichment

Updated:

cve-icon NVD

Status : Rejected

Published: 2026-04-08T09:16:37.110

Modified: 2026-04-21T11:16:19.123

Link: CVE-2026-39659

cve-icon Redhat

No data.