4 matches found
CVE-2018-0588
Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors...
CVE-2018-0588
Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors...
CVE-2018-0588
CVE-2018-0588 is a directory traversal in the AJAX function of the WordPress plugin Ultimate Member, affecting versions prior to 2.0.4. The vulnerability allows remote attackers to read arbitrary files on the server via unspecified vectors. Multiple connected sources corroborate this issue and li...
JVN#28804532: Multiple vulnerabilities in WordPress plugin "Ultimate Member"
The WordPress plugin "Ultimate Member" provided by Ultimate Member contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2018-0585 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...