The plugin does not validate and sanitize the template attribute of its shortcode before using it in an include statement, which could allow users with a role as low as contributor to perform local file inclusion attacks via a traversal vector.
CPE

Name | Operator | Version |
---|---|---|
ultimate-member | lt | 2.5.1 |
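
One way to constrain a shortcode template attribute before it reaches an include statement, as an added example (not the plugin's code and not its fix). The function name `resolve_template`, the temporary directory and the sample values are hypothetical and constructed for illustration.

```php
<?php
// Added example. resolve_template(), the demo directory and all inputs are hypothetical.

/**
 * Map a shortcode "template" attribute to a file inside $base_dir.
 * Returns the canonical path, or null when the value is malformed,
 * resolves outside $base_dir, or does not exist.
 */
function resolve_template(string $base_dir, string $template): ?string
{
    // 1. Syntactic allowlist: bare template names only.
    //    Rejects path separators, dots, NUL bytes and empty values.
    if (!preg_match('/\A[a-z0-9_-]{1,64}\z/i', $template)) {
        return null;
    }

    // 2. Canonicalise both paths; realpath() resolves symlinks and ".." segments
    //    and returns false when the target does not exist.
    $base = realpath($base_dir);
    $path = realpath($base_dir . DIRECTORY_SEPARATOR . $template . '.php');
    if ($base === false || $path === false) {
        return null;
    }

    // 3. Containment check: the resolved file must sit under the template directory.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }

    return is_file($path) ? $path : null;
}

// Constructed sample data: a temporary template directory holding one template.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'tpl_demo_' . getmypid();
@mkdir($base);
file_put_contents($base . DIRECTORY_SEPARATOR . 'profile.php', "<?php echo 'profile';\n");

// Constructed attribute values: one valid name, the rest should be rejected.
$inputs = ['profile', '../outside', 'sub/profile', 'profile.php', "profile\0", 'missing', ''];
foreach ($inputs as $value) {
    $file = resolve_template($base, $value);
    printf("%-18s => %s\n", json_encode($value),
        $file === null ? 'rejected' : 'include ' . basename($file));
}

unlink($base . DIRECTORY_SEPARATOR . 'profile.php');
rmdir($base);
```

Only the first input resolves to a file; the handler would call include on the returned path and render nothing (or a default template) when the function returns null.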