Lucene search
UsersultraUsers Ultra Membership
3 matches found
CVE-2015-9394
The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php.
8.8CVSS8.7AI score0.00149EPSS
CVE-2015-9402
The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload.
8.8CVSS8.7AI score0.00938EPSS
CVE-2015-9395
The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action.
8.8CVSS9.2AI score0.00637EPSS