4 matches found
WordPress WPLMS Theme Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress WPLMS Theme Privilege Escalation', 'Description' = %q The WordPress WPLMS theme from version 1.5.2 to 1.8.4.1 allows an authenticated...
CVE-2018-18252
An issue was discovered in CapMon Access Manager 5.4.1.1005. CALRunElevated.exe provides "NT AUTHORITY\SYSTEM" access to unprivileged users via the --system option...
WordPress WP EasyCart Plugin Privilege Escalation
The WordPress WP EasyCart plugin from version 1.1.30 to 3.0.20 allows authenticated users of any user level to set any system option via a lack of validation in the ecajaxupdateoption and ecajaxclearalltaxrates functions located in /inc/admin/adminajaxfunctions.php. The module first changes the...
WordPress WPLMS Theme Privilege Escalation
The WordPress WPLMS theme from version 1.5.2 to 1.8.4.1 allows an authenticated user of any user level to set any system option due to a lack of validation in the importdata function of /includes/func.php. The module first changes the admin e-mail address to prevent any notifications being sent t...