Lucene search
K

5 matches found

NVD
NVD
added 2020/01/06 7:15 p.m.28 views

CVE-2015-4039

Multiple cross-site scripting XSS vulnerabilities in the WP Membership plugin 1.2.3 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via unspecified 1 profile fields or 2 new post content. NOTE: CVE-2015-4038 can be used to bypass the administrator confirmatio...

5.4CVSS5.2AI score0.02793EPSS
Exploits2References4
Prion
Prion
added 2020/01/06 7:15 p.m.22 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the WP Membership plugin 1.2.3 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via unspecified 1 profile fields or 2 new post content. NOTE: CVE-2015-4038 can be used to bypass the administrator confirmatio...

3.5CVSS5.6AI score0.08311EPSS
Exploits5References4Affected Software1
CVE
CVE
added 2020/01/06 6:40 p.m.109 views

CVE-2015-4039

The CVE-2015-4039 entry corresponds to the WordPress WP Membership plugin version 1.2.3, which contains stored XSS vulnerabilities. According to the sources, remote authenticated users can inject arbitrary script or HTML via (1) profile fields or (2) new post content. An additional note indicates...

5.4CVSS5AI score0.02793EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2015/06/03 8:0 p.m.68 views

CVE-2015-4038

The WP Membership plugin for WordPress (version 1.2.3) is affected by CVE-2015-4038: remote authenticated users can escalate privileges to Administrator via the iv_membership_update_user_settings action in wp-admin/admin-ajax.php. The vulnerability stems from improper authorization in that AJAX e...

6.5CVSS5.3AI score0.08311EPSS
Exploits3References5Affected Software1
Packet Storm
Packet Storm
added 2015/05/22 12:0 a.m.33 views

WordPress WP Membership 1.2.3 Privilege Escalation

Exploit Title: WordPress WP Membership plugin Privilege escalation Contact: https://twitter.com/panVagenas Vendor Homepage: http://wpmembership.e-plugins.com/ Software Link: http://codecanyon.net/item/wp-membership/10066554 Version: 1.2.3 Tested on: WordPress 4.2.2 CVE: CVE-2015-4038 1 Descriptio...

6.5CVSS0.1AI score0.08311EPSS
Exploits3
Rows per page
Query Builder