WordPress iMember360 Plugin <= 3.9.001 - Disclosure of Database Credentials
- Product
- iMember360
- Description
- Because of this vulnerability, the attackers can obtain database credentials via the "i4w_dbinfo" parameter.
- Solution
- Update the plugin.
- Classification
-
Type Information Disclosure
- References
-
CVE Mitre
- CVE
- Name CVE-2014-3848
- Versions
-
Affected In
<= 3.9.001
Fixed In 3.9.002 - Disclosure date
- 2014-05-23
- Credits
- Everett Griffiths