ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Users Ultra Membership Plugin <= 1.5.58 - Unrestricted File Upload

Product
Users Ultra Membership
Description
Because of this vulnerability, any user can exploit a misbehavior of the plugin in order to upload csv files to the infected website.
Solution
Update the plugin.
Classification
Type Arbitrary File Upload
OWASP Top 10 A1: Injection
References
SecLists
CVE
Name CVE-N/A
Versions
Affected In <= 1.5.58
Fixed In 1.5.59
Disclosure date
2015-11-17
Credits
Panagiotis Vagenas
Submitter
ThreatPress