Skip to main content

Wpmembership

1 CVEs product

Monthly

CVE-2015-4038 MEDIUM POC THREAT This Month

The WP Membership plugin 1.2.3 for WordPress allows remote authenticated users to gain administrator privileges via an iv_membership_update_user_settings action to wp-admin/admin-ajax.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.0%.

WordPress Privilege Escalation PHP Wpmembership
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
12.0%
EPSS 12% CVSS 6.5
MEDIUM POC THREAT This Month

The WP Membership plugin 1.2.3 for WordPress allows remote authenticated users to gain administrator privileges via an iv_membership_update_user_settings action to wp-admin/admin-ajax.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.0%.

WordPress Privilege Escalation PHP +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy