CVE-2015-4038
N/A
N/A
Summary
The WP Membership plugin 1.2.3 for WordPress allows remote authenticated users to gain administrator privileges via an iv_membership_update_user_settings action to wp-admin/admin-ajax.php.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://wpvulndb.com/vulnerabilities/7998
- http://www.securityfocus.com/archive/1/535587/100/0/threaded
- http://packetstormsecurity.com/files/132012/WordPress-WP-Membership-1.2.3-Privilege-Escalation.html
- http://www.securityfocus.com/bid/74766
- http://www.securityfocus.com/archive/1/535652/100/0/threaded
References
- https://wpvulndb.com/vulnerabilities/7998
- http://www.securityfocus.com/archive/1/535587/100/0/threaded
- http://packetstormsecurity.com/files/132012/WordPress-WP-Membership-1.2.3-Privilege-Escalation.html
- http://www.securityfocus.com/bid/74766
- http://www.securityfocus.com/archive/1/535652/100/0/threaded
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.