WordPress plugin ultimate-member 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

EUVD-2018-18687

Malware in sbrugna...

EUVD-2018-18688

Malware in sbrugna...

Cross site scripting

core/lib/upload/um-file-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable...

Cross site scripting

core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable...

CVE-2018-6944

core/lib/upload/um-file-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable...

CVE-2018-6943

core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable...

CVE-2018-6944

CVE-2018-6944 affects the WordPress plugin UltimateMember (version 2.0) where core/lib/upload/um-file-upload.php is vulnerable to cross-site scripting due to improper sanitization of input assigned to the $temp variable. This XSS vulnerability could allow injected JavaScript to be executed in the...