Lucene search
WpvulndbWPVDB-ID:F905D6E9-1901-4FF8-9960-6D765AF78BD6HistoryJun 02, 2022 - 12:00 a.m.
Ultimate Member < 2.4.0 - Subscriber+ Stored Cross-Site Scripting
2022-06-0200:00:00
wpscan.com
7
ultimate member
subscriber+
stored cross-site scripting
user profile pages
security issue
EPSS
0.001
Percentile
49.8%
The plugin does not sanitise and escape the Biography available on user profile pages, which could allow users to perform Cross-Site Scripting attacks via their profile
Related
prion
prion
Cross site scripting
2022-06-13 13:15:00
cvelist
cvelist
CVE-2022-1208
2022-06-13 12:43:38
patchstack
patchstack
cnvd
cnvd
WordPress Ultimate Member plugin跨站脚本漏洞
2022-06-15 00:00:00
osv
osv
CVE-2022-1208
2022-06-13 13:15:10
cve
cve
CVE-2022-1208
2022-06-13 13:15:10
nvd
nvd
CVE-2022-1208
2022-06-13 13:15:10
openvas
openvas
WordPress Ultimate Member Plugin <= 2.3.2 XSS Vulnerability
2022-06-14 00:00:00