CVE-2015-4038 in WP Membership Plugin
摘要
由 VulDB • 2026-05-31
WordPress 插件 WP Membership 1.2.3 允许远程经过身份验证的用户通过向 wp-admin/admin-ajax.php 发送 iv_membership_update_user_settings 操作,获取管理员权限。
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.