WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin Ultimate Member plugin 2.5.0 and earlier versions are vulnerable to a directory traversal vulnerability that results from a failure to validate the input of the “template” attribute used in the shortcode. The vulnerability is caused by a failure to validate the input of the “template” attribute used in the shortcode, which can be exploited by an attacker by… /… /… to obtain sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress ultimate member plugin | le | 2.5.0 |