3 matches found
CVE-2015-9337
The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deactivating addons via AJAX...
CVE-2015-9337
The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deactivating addons via AJAX...
CVE-2015-9337
The CVE concerns the WordPress plugin Profile Builder. Before version 2.1.4, it has no access control for activating or deactivating addons via AJAX, enabling unauthorized addon management and potentially partial integrity impact. Affected software: WordPress Profile Builder plugin (pre-2.1.4). R...