Lucene search
HistoryJun 03, 2015 - 8:59 p.m.
CVE-2015-4038
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
5.4
Confidence
High
EPSS
0.006
Percentile
78.5%
The WP Membership plugin 1.2.3 for WordPress allows remote authenticated users to gain administrator privileges via an iv_membership_update_user_settings action to wp-admin/admin-ajax.php.
Affected configurations
Node
wpmembershipwpmembershipMatch1.2.3wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wpmembership | wpmembership | 1.2.3 | cpe:2.3:a:wpmembership:wpmembership:1.2.3:*:*:*:*:wordpress:*:* |
Related
zdt
zdt
WordPress WP Membership Plugin 1.2.3 Privilege Escalation Vulnerability
2015-05-23 00:00:00
cvelist
cvelist
CVE-2015-4038
2015-06-03 20:00:00
CVE-2015-4039
2020-01-06 18:40:57
patchstack
patchstack
WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities
2015-05-21 00:00:00
cve
cve
CVE-2015-4038
2015-06-03 20:59:05
CVE-2015-4039
2020-01-06 19:15:11
securityvulns
securityvulns
packetstorm
packetstorm
WordPress WP Membership 1.2.3 Privilege Escalation
2015-05-22 00:00:00
prion
prion
Code injection
2015-06-03 20:59:00
Cross site scripting
2020-01-06 19:15:00
wpvulndb
wpvulndb
WP Membership <= 1.2.3 - Multiple Vulnerabilities
2015-05-21 00:00:00
exploitdb
exploitdb
WordPress Plugin WP Membership 1.2.3 - Multiple Vulnerabilities
2015-05-21 00:00:00
nvd
nvd
CVE-2015-4039
2020-01-06 19:15:11
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
5.4
Confidence
High
EPSS
0.006
Percentile
78.5%
Related for NVD:CVE-2015-4038