← back
CVE-2018-0586

CVE-2018-0586

EPSS 1.6%
Directory traversal vulnerability in the shortcodes function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to read arbitrary files via unspecified vectors.
Affected products
Ultimate Member · Ultimate Member

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://jvn.jp/en/jp/JVN28804532/index.htmlhttps://wordpress.org/plugins/ultimate-member/#developershttps://wpvulndb.com/vulnerabilities/9608