Fix critical security vulnerability in Ultimate Member plugin

Resolved CVE-2025-15064 by deprecating HTML usage in user descriptions. Updated plugin version to 2.11.2 across files and documentation, ensuring users are informed and prompted to upgrade immediately.
This commit is contained in:
Mykyta Synelnikov
2025-12-30 11:12:01 +02:00
parent cc92e91aa7
commit 690154b42f
6 changed files with 28 additions and 89 deletions
+1 -1
View File
@@ -44,7 +44,7 @@ GNU Version 2 or Any Later Version
### IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSION 2.6.7 PATCHES SECURITY PRIVILEGE ESCALATION VULNERABILITY. PLEASE SEE [THIS ARTICLE](https://docs.ultimatemember.com/article/1866-security-incident-update-and-recommended-actions) FOR MORE INFORMATION
[Official Release Version: 2.11.1](https://github.com/ultimatemember/ultimatemember/releases/tag/2.11.1).
[Official Release Version: 2.11.2](https://github.com/ultimatemember/ultimatemember/releases/tag/2.11.2).
## Changelog