Member Hero 漏洞列表

共找到 2 个与 Member Hero 相关的漏洞

📅 加载漏洞趋势中...

CVE-2022-0885: Member Hero <=1.0.9 - Remote Code Execution POC

日期: 2025-08-01 | 影响软件: Member Hero

WordPress Member Hero plugin through 1.0.9 is susceptible to remote code execution. The plugin lacks authorization checks and does not validate the a request parameter in an AJAX action, allowing an attacker to call arbitrary PHP functions with no arguments. An attacker can thus execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
CVE-2022-0885: Member Hero <=1.0.9 - Remote Code Execution POC

日期: 2025-08-01 | 影响软件: Member Hero

WordPress Member Hero plugin through 1.0.9 is susceptible to remote code execution. The plugin lacks authorization checks and does not validate the a request parameter in an AJAX action, allowing an attacker to call arbitrary PHP functions with no arguments. An attacker can thus execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.