Vulnerabilidades em Ultimate Member
12 resultadosCVE-2018-0588—Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackerEPSS 2.6%CVE-2018-0586—Directory traversal vulnerability in the shortcodes function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote auEPSS 1.6%CVE-2018-0590—Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to bypass access restriction to modify theEPSS 1.1%CVE-2018-0589—Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to bypass access restriction to add a new EPSS 1.1%CVE-2018-0587—Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated users to uEPSS 1.1%CVE-2018-0585—Cross-site scripting vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to inject arbitrarEPSS 1.0%CVE-2024-54367CRITICALWordPress ForumWP plugin <= 2.1.0 - PHP Object Injection vulnerabilityEPSS 0.7%CVE-2021-24306—Ultimate Member < 2.1.20 - Authenticated Reflected Cross-Site Scripting (XSS)EPSS 0.6%CVE-2020-37169MEDIUMWordPress Plugin ultimate-member 2.1.3 Local File InclusionEPSS 0.2%CVE-2025-47691MEDIUMWordPress Ultimate Member plugin <= 2.10.3 - Arbitrary Function Call vulnerabilityEPSS 0.2%CVE-2023-31216MEDIUMWordPress Ultimate Member Plugin <= 2.6.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-67474MEDIUMWordPress ForumWP plugin <= 2.1.4 - Broken Access Control vulnerabilityEPSS 0.2%