CVE-2018-0588

Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt