CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-4038

The WP Membership plugin 1.2.3 for WordPress allows remote authenticated users to gain administrator privileges via an iv_membership_update_user_settings action to wp-admin/admin-ajax.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.12

EPSS Ranking 93.5%

CVSS Severity

CVSS v2 Score 6.5

References

http://packetstormsecurity.com/files/132012/WordPress-WP-Membership-1.2.3-Privilege-Escalation.html
http://www.securityfocus.com/archive/1/535587/100/0/threaded
http://www.securityfocus.com/archive/1/535652/100/0/threaded
http://www.securityfocus.com/bid/74766
https://wpvulndb.com/vulnerabilities/7998
http://packetstormsecurity.com/files/132012/WordPress-WP-Membership-1.2.3-Privilege-Escalation.html
http://www.securityfocus.com/archive/1/535587/100/0/threaded
http://www.securityfocus.com/archive/1/535652/100/0/threaded
http://www.securityfocus.com/bid/74766
https://wpvulndb.com/vulnerabilities/7998

Products affected by CVE-2015-4038

Wpmembership » Wpmembership » Version: 1.2.3

cpe:2.3:a:wpmembership:wpmembership:1.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4038

Products

Pricing

Contact Us