mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-07-11 10:46:11 +09:00
Fix security vulnerability CVE-2025-13220 in Ultimate Member.
Addressed CVE-2025-13220 by implementing necessary fixes in the plugin's shortcodes and updating sanitization for shortcode attributes. Removed redundant compatibility checks for WordPress versions earlier than 5.4 and improved stability in the shortcode handling logic.
This commit is contained in:
@@ -169,7 +169,9 @@ IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSI
|
||||
|
||||
= 2.11.1 2025-12-xx =
|
||||
|
||||
**Bugfixes**
|
||||
|
||||
* Fixed: CVE-2025-13220.
|
||||
|
||||
= 2.11.0 2025-12-02 =
|
||||
|
||||
@@ -336,6 +338,9 @@ IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSI
|
||||
|
||||
== Upgrade Notice ==
|
||||
|
||||
= 2.11.1 =
|
||||
This version fixes a security related bug. Upgrade immediately.
|
||||
|
||||
= 2.10.4 =
|
||||
This version fixes a security related bug. Upgrade immediately.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user