Description
The Ultimate Member plugin before 2.1.13 for WordPress mishandles hidden name="timestamp" fields in forms.
Remediation
References
Related Vulnerabilities
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663)
WordPress Plugin User Role by BestWebSoft Cross-Site Scripting (1.5.1)
Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-8864)
Oracle Application Server CVE-2010-0070 Vulnerability (CVE-2010-0070)
WordPress Plugin Contact Form DB Cross-Site Request Forgery (2.8.31)