The iMember360 plugin prior to 3.9.001 for WordPress does not properly restrict access, which allows remote malicious users to obtain database credentials via the i4w_dbinfo parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
imember360 imember360 |