Ultimate Member < 2.0.4 – Multiple Issues | CVE 2018-0585

Affects Plugins

ultimate-member

Fixed in 2.0.4

References

CVE

CVE-2018-0585

CVE

CVE-2018-0586

CVE

CVE-2018-0587

CVE

CVE-2018-0588

CVE

CVE-2018-0590

CVE

CVE-2018-20965

CVE

CVE-2018-0589

URL

https://jvn.jp/en/jp/JVN28804532/

Miscellaneous

Verified

No

WPVDB ID

82d4e235-2af1-443d-a3ff-d1ed4869782e

Timeline

Publicly Published

2018-05-10 (about 8 years ago)

Added

2019-08-23 (about 6 years ago)

Last Updated

2020-08-12 (about 5 years ago)

Other

Published

Title

Published

2018-03-11

Title

Bbp Move Topics < 1.1.6 - Code Injection & CSRF

Published

2021-06-30

Title

MailOptin < 1.2.35.2 - Unauthorised AJAX Call

Published

2019-05-06

Title

W3 Total Cache < 0.9.7.4 - Blind SSRF and RCE via phar

Published

2019-05-31

Title

Zoho SalesIQ <= 1.0.8 - XSS & CSRF

Published

2016-04-17

Title

Kento Post View Counter <= 2.8 - CSRF & multiple XSS