The plugin does not validate user input passed to call_user_func() via the populate_dropdown_options () function, which could allow any authenticated users, such as subscriber to call arbitrary functions without argument (ie phpinfo())
CPE | Name | Operator | Version |
---|---|---|---|
ultimate-member | lt | 2.5.1 |