2 matches found
CVE-2014-8949
The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the i4wtrace parameter. NOTE: this can be leveraged with CVE-2014-8948 to allow remote attackers to execute code. NOTE: it is not clear...
CVE-2014-8949
The CVE-2014-8949 issue affects the WordPress iMember360 plugin versions 3.8.012–3.9.001. It allows remote authenticated administrators to execute arbitrary commands by injecting shell metacharacters into the i4w_trace parameter. Note that this can be combined with CVE-2014-8948 to enable code ex...