Описание
Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors.
Ссылки
- Third Party Advisory
- Release Notes
- Third Party Advisory
- Release Notes
Уязвимые конфигурации
Конфигурация 1Версия до 2.0.4 (исключая)
cpe:2.3:a:ultimatemember:user_profile_\&_membership:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 53%
0.003
Низкий
7.5 High
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors.
EPSS
Процентиль: 53%
0.003
Низкий
7.5 High
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-22