WordPress Plugin Vulnerabilities

iMember360 < 3.9.001 - Multiple Issues

Description

- Disclosure of database credentials
- XSS Vulnerabilities
- Arbitrary user deletion
- Arbitrary code execution

Affects Plugins

Plugin icon
imember360
Fixed in 3.9.001

References

CVE
CVE-2014-3848
CVE
CVE-2014-3849
CVE
CVE-2014-3842
CVE
CVE-2014-8948
CVE
CVE-2014-8949
URL
https://packetstormsecurity.com/files/#126324/
URL
https://seclists.org/fulldisclosure/2014/Apr/265

Miscellaneous

Verified
No
WPVDB ID
8bf18054-d78b-47ca-b9d7-bcaba2cc81ba

Timeline

Publicly Published
2014-04-24 (about 12 years ago)
Added
2019-08-26 (about 6 years ago)
Last Updated
2019-11-28 (about 6 years ago)

Other

Published
Title
Published
2020-01-02
Title
Postie < 1.9.41 - Post Submission Spoofing & Stored Cross-Site Scripting (XSS)
Published
2012-04-23
Title
Organizer <= 1.2.1 - Cross Site Scripting / Path Disclosure
Published
2020-03-12
Title
Popup Builder < 3.64.1 - Multiple Issues
Published
2014-12-12
Title
WP Popup <= 1.3 - XSS & CSRF
Published
2014-11-15
Title
WP Support Plus Responsive Ticket System < 4.2 - Multiple Issues