iMember360 < 3.9.001 - Multiple Issues



Description
- Disclosure of database credentials
- XSS Vulnerabilities
- Arbitrary user deletion
- Arbitrary code execution

Affects Plugin

fixed in version 3.9.001

References

CVE 2014-3848
CVE 2014-3849
CVE 2014-3842
CVE 2014-8948
CVE 2014-8949
PacketStorm 126324
URL https://seclists.org/fulldisclosure/2014/Apr/265

Classification

Type MULTI

Miscellaneous

Views 564
Verified No
WPVDB ID 9814

Timeline

Publicly Published 2014-04-24 (about 6 years ago)
Added 2019-08-26 (11 months ago)
Last Updated 2019-11-28 (8 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin