Lucene search
Everett GriffithsPATCHSTACK:945C252F97A9852DF48BCE980F06AB05HistoryMay 23, 2014 - 12:00 a.m.
WordPress iMember360 Plugin <= 3.9.001 - Arbitrary user deletion
2014-05-2300:00:00
Everett Griffiths
patchstack.com
4
0.008 Low
EPSS
Percentile
81.5%
Because of this vulnerability, the attackers can delete arbitrary users via a request containing a user name in the “Email” parameter and the API key in the “i4w_clearuser” parameter.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| imember360 | le | 3.9.001 |
Related
prion
prion
Design/Logic Flaw
2014-05-23 14:55:00
nvd
nvd
CVE-2014-3849
2014-05-23 14:55:12
cve
cve
CVE-2014-3849
2022-10-03 16:20:25
cvelist
cvelist
CVE-2014-3849
2022-10-03 16:20:25
wpvulndb
wpvulndb
iMember360 < 3.9.001 - Multiple Issues
2014-04-24 00:00:00