CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-10140

The Ajax Load More plugin before 2.8.1.2 does not have authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber, to upload and delete arbitrary files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.442

EPSS Ranking 97.4%

CVSS Severity

CVSS v3 Score 8.8

References

https://wpscan.com/vulnerability/9f0c926e-0609-4c89-a724-88e16bcfa82a

Products affected by CVE-2015-10140

Connekthq » Ajax Load More » Version: N/A

cpe:2.3:a:connekthq:ajax_load_more:-
Connekthq » Ajax Load More » Version: 2.0

cpe:2.3:a:connekthq:ajax_load_more:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-10140

Products

Pricing

Contact Us