Lucene search
MitreCVELIST:CVE-2015-4039HistoryJan 06, 2020 - 6:40 p.m.
CVE-2015-4039
2020-01-0618:40:57
mitre
www.cve.org
9
Multiple cross-site scripting (XSS) vulnerabilities in the WP Membership plugin 1.2.3 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via unspecified (1) profile fields or (2) new post content. NOTE: CVE-2015-4038 can be used to bypass the administrator confirmation step for vector 2.
Related
wpvulndb
wpvulndb
WP Membership <= 1.2.3 - Multiple Vulnerabilities
2015-05-21 00:00:00
prion
prion
Cross site scripting
2020-01-06 19:15:00
Code injection
2015-06-03 20:59:00
exploitdb
exploitdb
WordPress Plugin WP Membership 1.2.3 - Multiple Vulnerabilities
2015-05-21 00:00:00
cve
cve
CVE-2015-4039
2020-01-06 19:15:11
CVE-2015-4038
2015-06-03 20:59:05
nvd
nvd
CVE-2015-4039
2020-01-06 19:15:11
CVE-2015-4038
2015-06-03 20:59:05
zdt
zdt
WordPress WP Membership Plugin 1.2.3 Privilege Escalation Vulnerability
2015-05-23 00:00:00
cvelist
cvelist
CVE-2015-4038
2015-06-03 20:00:00
patchstack
patchstack
WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities
2015-05-21 00:00:00
securityvulns
securityvulns
CVE-2015-4038 - WordPress WP Membership plugin [Privilege escalation]
2015-06-08 00:00:00
CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS]
2015-06-08 00:00:00
packetstorm
packetstorm
WordPress WP Membership 1.2.3 Privilege Escalation
2015-05-22 00:00:00
WordPress WP Membership 1.2.3 Cross Site Scripting
2015-05-22 00:00:00