Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2017-1002009

Disclosure Date: September 14, 2017 (last updated November 26, 2024)
Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete function.
0
0
Attacker Value
Unknown

CVE-2017-1002010

Disclosure Date: September 14, 2017 (last updated November 26, 2024)
Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete_media function.
0
0
Attacker Value
Unknown

CVE-2017-1002008

Disclosure Date: September 14, 2017 (last updated November 26, 2024)
Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0