RSS   Vulnerabilities for 'Ultimatemember'   RSS

2018-02-16
 
CVE-2018-6944

CWE-79
 

 
core/lib/upload/um-file-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable.

 
 
CVE-2018-6943

CWE-79
 

 
core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable.

 

 >>> Vendor: Ultimatemember 4 Products
Ultimate member
Ultimatemember
User profile & membership
Jobboardwp


Copyright 2024, cxsecurity.com

 

Back to Top