Access Control Flaw in iMember360 Plugin for WordPress
CVE-2014-3848

Currently unrated

Key Information:

Vendor

Wordpress
Status
Imember360
Vendor
CVE Published:
23 May 2014

What is CVE-2014-3848?

The iMember360 plugin for WordPress exhibits a significant access control flaw in versions prior to 3.9.001. This vulnerability allows remote attackers to exploit the i4w_dbinfo parameter, gaining unauthorized access to sensitive database credentials. By bypassing established access restrictions, attackers can retrieve critical information, potentially leading to further exploitation of the WordPress environment.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.com/files/126324/WordPress-iMe...
x_refsource_MISC
http://www.exploit-db.com/exploits/33076
exploitx_refsource_EXPLOIT-DB
http://www.osvdb.org/106298
vdb-entryx_refsource_OSVDB

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.