Users Ultra <= 3.1.0 - SQL Injection

The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...

CVE-2022-0769

The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...

EUVD-2015-9242

Malware in sbrugna...

EUVD-2015-4134

Malware in sbrugna...

EUVD-2015-9232

Malware in sbrugna...

EUVD-2015-9233

Malware in sbrugna...

EUVD-2015-9235

Malware in sbrugna...

CVE-2015-9392

The users-ultra plugin before 1.5.63 for WordPress has XSS via the pname parameter...

CVE-2015-9393

The users-ultra plugin before 1.5.63 for WordPress has XSS via the pdesc parameter...

CVE-2015-9395

The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action...

CVE-2015-9402

The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload...

CVE-2015-9394

The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=packageaddnew to wp-admin/admin-ajax.php...

WordPress插件Users Ultra SQL注入漏洞

WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin Users Ultra has a SQL injection vulnerability, which stems from the inability to properly clean and escape the datatarget...

CVE-2022-0769

The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...

CVE-2022-0769

The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...

Sql injection

The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...

CVE-2022-0769 Users Ultra <= 3.1.0 - Unauthenticated SQL Injection

The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...

CVE-2022-0769

Summary (concrete details from connected docs): CVE-2022-0769 affects the WordPress plugin Users Ultra up to version 3.1.0 . The vulnerability stems from improper sanitization/escaping of the data_target parameter before it is interpolated into an SQL statement, which is then executed via the rat...

WordPress plugin Users Ultra SQL注入漏洞

WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin Users Ultra has a SQL injection vulnerability, which stems from the inability to properly clean and escape the datatarget...

Users Ultra <= 3.1.0 - Unauthenticated SQL Injection

The plugin fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection. curl...