WordPress Plugin Vulnerabilities

Users Ultra <= 1.5.15 - SQL Injection

Description

The Users Ultra Membership, Users Community and Member Profiles With PayPal Integration Plugin WordPress plugin was affected by a SQL Injection security vulnerability.

Affects Plugins

Plugin icon
users-ultra
Fixed in 1.5.16

References

CVE
CVE-2015-4109
URL
https://packetstormsecurity.com/files/#132181/

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
1dee112a-2ca8-4bc3-9f61-06b253c5810b

Timeline

Publicly Published
2015-06-04 (about 10 years ago)
Added
2015-06-07 (about 10 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2015-12-11
Title
Link Log < 2.1 - SQL Injection
Published
2024-04-12
Title
CBX Bookmark & Favorite < 1.7.21 - Admin+ SQLi
Published
2017-08-14
Title
Link-Library <= 5.9.13.26 – Authenticated SQL Injection
Published
2015-02-09
Title
WP eCommerce <= 3.8.6 - SQL Injection
Published
2026-03-22
Title
TaxoPress < 3.45.0 - Authenticated (Editor+) SQL Injection