Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ultimate vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-9304
The ultimate-member plugin prior to 1.3.18 for WordPress has XSS via text input.
Ultimatemember Ultimate Member
NA
CVE-2023-23800
Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin — Shortcodes Ultimate.This issue affects WP Shortcodes Plugin — Shortcodes Ultimate: from n/a up to and including 5.12.6.
Getshortcodes Shortcodes Ultimate
383
VMScore
CVE-2021-24274
The Ultimate Maps by Supsystic WordPress plugin prior to 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
Supsystic Ultimate Maps
312
VMScore
CVE-2019-14945
The ultimate-member plugin prior to 2.0.54 for WordPress has XSS.
Ultimatemember Ultimate Member
312
VMScore
CVE-2019-14947
The ultimate-member plugin prior to 2.0.52 for WordPress has XSS during an account upgrade.
Ultimatemember Ultimate Member
383
VMScore
CVE-2019-15643
The ultimate-faqs plugin prior to 1.8.22 for WordPress has XSS.
Etoilewebdesign Ultimate Faq
605
VMScore
CVE-2017-2886
A memory corruption vulnerability exists in the .PSD parsing functionality of ACDSee Ultimate 10.0.0.292. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in potential code execution. An attacker can send a specific .PSD file to trigger this ...
Acdsee Ultimate 10.0.0.292
NA
CVE-2023-5667
The Tab Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authent...
Themepoints Tab Ultimate
NA
CVE-2022-3966
A vulnerability, which was classified as critical, has been found in Ultimate Member Plugin up to 2.5.0. This issue affects the function load_template of the file includes/core/class-shortcodes.php of the component Template Handler. The manipulation of the argument tpl leads to p...
Ultimatemember Ultimate Member
383
VMScore
CVE-2018-20965
The ultimate-member plugin prior to 2.0.4 for WordPress has XSS.
Ultimatemember Ultimate Member
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »