The iMember360 plugin for WordPress had a security vulnerability (CVE-2014-8948) that allowed remote authenticated administrators to execute any command they wanted with the use of special characters. This vulnerability could also be exploited by remote attackers to execute code. It is unclear if this issue can be used to bypass privileges.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
