2 matches found
CVE-2014-3849
The iMember360 plugin 3.8.012 through 3.9.001 for WordPress does not properly restrict access, which allows remote attackers to delete arbitrary users via a request containing a user name in the Email parameter and the API key in the i4wclearuser parameter...
CVE-2014-3849
The CVE-2014-3849 issue affects WordPress with the iMember360 plugin versions 3.8.012–3.9.001. The vulnerability stems from improper access restriction that allows remote attackers to delete arbitrary users by sending a request that places a user name in the Email parameter and the API key in the...