Vulnerabilities > Usersultra > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-20 | CVE-2015-9402 | Unrestricted Upload of File with Dangerous Type vulnerability in Usersultra Users Ultra Membership The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload. | 8.8 |
| 2019-09-20 | CVE-2015-9395 | SQL Injection vulnerability in Usersultra Users Ultra Membership 1.5.59/1.5.63 The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action. | 8.8 |
| 2019-09-20 | CVE-2015-9394 | Cross-Site Request Forgery (CSRF) vulnerability in Usersultra Users Ultra Membership 1.5.59 The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php. | 8.8 |