Lucene search

K

Member Hero <= 1.0.9 - Unauthenticated RCE

🗓️ 18 May 2022 00:00:00Reported by Harald EilertsenType 
wpvulndb
 wpvulndb
🔗 wpscan.com👁 11 Views

The Member Hero plugin version 1.0.9 is vulnerable to unauthenticated remote code execution due to lack of authorization checks and validation of request parameters, allowing arbitrary PHP function calls by unauthenticated users

Show more
Related
Detection
Vulners

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
18 May 2022 00:00Current
3.1Low risk
Vulners AI Score3.1
EPSS0.173
11
.json
Report