4 matches found
CVE-2022-0885
The Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments...
CVE-2022-0885
The Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments...
PT-2022-13501 · WordPress · Member Hero
Name of the Vulnerable Software and Affected Versions: Member Hero WordPress plugin versions 1.0.0 through 1.0.9 Description: The issue lacks authorization checks and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with n...
WordPress plugin Member Hero 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...