ThreatPress

WordPress Vulnerabilities Database

Back

WordPress iMember360 Plugin <= 3.9.001 - Code Execution

Product
iMember360
Description
This vulnerability allows authenticated administrators to execute arbitrary commands via shell metacharacters in the "i4w_trace" parameter.
Solution
Update the plugin.
Classification
Type Unknown
References
CVE Mitre
CVE
Name CVE-2014-8949
Versions
Affected In <= 3.9.001
Fixed In 3.9.002
Disclosure date
2014-11-15