279 matches found
Privilege escalation
Unauth. Privilege Escalation vulnerability in ARMember premium plugin = 5.5.1 on WordPress...
CVE-2022-42888 WordPress ARMember Plugin <= 5.5.1 is vulnerable to Privilege Escalation
Unauth. Privilege Escalation vulnerability in ARMember premium plugin = 5.5.1 on WordPress...
CVE-2022-42888
ARMember premium plugin for WordPress (versions
CVE-2022-42888 WordPress ARMember Plugin <= 5.5.1 is vulnerable to Privilege Escalation
Unauth. Privilege Escalation vulnerability in ARMember premium plugin = 5.5.1 on WordPress...
PT-2022-26644 · WordPress · Armember
Name of the Vulnerable Software and Affected Versions: ARMember premium plugin versions = 5.5.1 Description: The issue is related to an Unauth. Privilege Escalation vulnerability. It affects the ARMember premium plugin on WordPress. Recommendations: For ARMember premium plugin versions = 5.5.1,...
WordPress plugin ARMember 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. bbPress is a forum plugin used in it. WordPress plugin is an application plugin. A...
ARMember < 5.6 - Unauthenticated Privilege Escalation
The plugin could allow unauthenticated attackers to escalate themselves as admin...
WordPress plugin ARMember 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...
WordPress plugin ARMember 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress ARMember plugin has an unspecified vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress ARMember plugin versions prior to 3.4.8 have a security vulnerability that stems from the plugin's...
CVE-2022-1903
The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username...
CVE-2022-1903
The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username...
CVE-2022-1903
The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username...
Authorization
The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username...
CVE-2022-1903
CVE-2022-1903 affects the ARMember WordPress plugin (versions before 3.4.8). The underlying issue is missing nonce and authorization checks in an AJAX action accessible to unauthenticated users, enabling an attacker to change the password of arbitrary usernames and take over accounts (potentially...
CVE-2022-1903 ARMember < 3.4.8 - Unauthenticated Admin Account Takeover
The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username...
WordPress plugin ARMember 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress ARMember plugin versions prior to 3.4.8 have a security vulnerability that stems from the plugin's...
WordPress ARMember plugin <= 3.4.7 - Unauthenticated Admin Account Takeover vulnerability
Unauthenticated Admin Account Takeover vulnerability discovered by cydave in WordPress ARMember plugin versions = 3.4.7. Solution Update the WordPress ARMember plugin to the latest available version at least 3.4.8...
VulnCheck KEV: CVE-2022-1903
The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username...