Lucene search
CVE-2022-3966
Vulnerability found in Ultimate Member Plugin up to 2.5.0, allowing remote attackers to conduct pathname traversal via tpl argument manipulation
Show more
| Reporter | Title | Published | Views | Family All 6 |
|---|---|---|---|---|
 | Design/Logic Flaw | 13 Nov 202208:15 | – | prion |
 | CVE-2022-3966 | 13 Nov 202208:15 | – | osv |
 | CVE-2022-3966 Ultimate Member Plugin Template class-shortcodes.php load_template pathname traversal | 13 Nov 202200:00 | – | cvelist |
 | CVE-2022-3966 | 13 Nov 202208:15 | – | nvd |
 | WordPress Plugin Ultimate Member has an unspecified vulnerability | 15 Nov 202200:00 | – | cnvd |
 | WordPress Ultimate Member Plugin < 2.5.1 Directory Traversal Vulnerability | 17 Nov 202200:00 | – | openvas |
Node
[
{
"vendor": "unspecified",
"product": "Ultimate Member Plugin",
"versions": [
{
"version": "2.0",
"status": "affected"
},
{
"version": "2.1",
"status": "affected"
},
{
"version": "2.2",
"status": "affected"
},
{
"version": "2.3",
"status": "affected"
},
{
"version": "2.4",
"status": "affected"
},
{
"version": "2.5",
"status": "affected"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo13 Nov 2022 08:15Current
5.9Medium risk
Vulners AI Score5.9
CVSS34.3 - 7.5
EPSS0.00111