Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Ultimate Member | ForumWP | unaffected |
|
Configuration 1 [-]
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-52489 | Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This issue affects ForumWP: from n/a through 2.1.0. |
Wed, 01 Apr 2026 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This issue affects ForumWP: from n/a through 2.1.0. | Deserialization of Untrusted Data vulnerability in Ultimate Member ForumWP forumwp allows Object Injection.This issue affects ForumWP: from n/a through <= 2.1.0. |
| References |
Wed, 05 Feb 2025 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Ultimatemember
Ultimatemember forumwp |
|
| CPEs | cpe:2.3:a:ultimatemember:forumwp:*:*:*:*:free:wordpress:*:* cpe:2.3:a:ultimatemember:forumwp:*:*:*:*:pro:wordpress:*:* |
|
| Vendors & Products |
Ultimatemember
Ultimatemember forumwp |
Mon, 16 Dec 2024 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 16 Dec 2024 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This issue affects ForumWP: from n/a through 2.1.0. | |
| Title | WordPress ForumWP plugin <= 2.1.0 - PHP Object Injection vulnerability | |
| Weaknesses | CWE-502 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-04-28T16:10:50.777Z
Reserved: 2024-12-02T12:05:34.988Z
Link: CVE-2024-54367
Vulnrichment
Updated: 2024-12-16T15:57:07.877Z
NVD
Status : Modified
Published: 2024-12-16T15:15:10.027
Modified: 2026-04-23T15:22:14.320
Link: CVE-2024-54367
Redhat
No data.
OpenCVE Enrichment
No data.