55 matches found
Users Ultra <= 3.1.0 - SQL Injection
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...
CVE-2022-0769
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...
EUVD-2015-9233
Malware in sbrugna...
EUVD-2015-9235
Malware in sbrugna...
EUVD-2015-4134
Malware in sbrugna...
EUVD-2015-9232
Malware in sbrugna...
EUVD-2015-9242
Malware in sbrugna...
CVE-2015-9392
The users-ultra plugin before 1.5.63 for WordPress has XSS via the pname parameter...
CVE-2015-9393
The users-ultra plugin before 1.5.63 for WordPress has XSS via the pdesc parameter...
CVE-2015-9395
The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action...
CVE-2015-9402
The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload...
CVE-2015-9394
The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=packageaddnew to wp-admin/admin-ajax.php...
WordPress插件Users Ultra SQL注入漏洞
WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin Users Ultra has a SQL injection vulnerability, which stems from the inability to properly clean and escape the datatarget...
CVE-2022-0769
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...
CVE-2022-0769
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...
CVE-2022-0769
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...
Sql injection
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...
CVE-2022-0769 Users Ultra <= 3.1.0 - Unauthenticated SQL Injection
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...
CVE-2022-0769
Summary (concrete details from connected docs): CVE-2022-0769 affects the WordPress plugin Users Ultra up to version 3.1.0 . The vulnerability stems from improper sanitization/escaping of the data_target parameter before it is interpolated into an SQL statement, which is then executed via the rat...
WordPress plugin Users Ultra SQL注入漏洞
WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin Users Ultra has a SQL injection vulnerability, which stems from the inability to properly clean and escape the datatarget...