ThreatPress

WordPress Vulnerabilities Database

Back

WordPress User Meta Manager Plugin 3.4.6 - Information Disclosure

Product
User Meta Manager
Description
Because of this vulnerability, any user, who is registered, can perform many AJAX requests and in that way get all contents of "usermeta" DB table.
Solution
Upgrade to version 3.4.8.
Classification
Type Information Disclosure
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 3.4.6
Fixed In 3.4.7
Disclosure date
2016-02-08
Credits
Panagiotis Vagenas