CVE-2015-9304

Name of the Vulnerable Software and Affected Versions ultimate-member plugin versions prior to 1.3.18

Description The issue is related to a Cross-Site Scripting (XSS) vulnerability, which occurs when an application includes user input in its output without proper validation or sanitization, allowing an attacker to inject malicious scripts. In this case, the vulnerability is triggered via text input.

Recommendations For versions prior to 1.3.18, update to version 1.3.18 or later to resolve the issue.