Executive Summary
InformationsName
CVE-2019-15896
First vendor Publication
2019-09-10
Vendor
Cve
Last vendor Modification
2019-09-10
Security-Database Scoring CVSS v2
Cvss vector :
Cvss Base Score
Not Defined
Attack Range
Not Defined
Cvss Impact Score
Not Defined
Attack Complexity
Not Defined
Cvss Expoit Score
Not Defined
Authentication
Not Defined
Calculate full CVSS 2.0 Vectors scores
Detail
An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import function in the class.llms.admin.import.php script is prone to an unauthenticated options import vulnerability that could lead to privilege escalation (administrator account creation), website redirection, and stored XSS.
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15896
Sources (Detail)
Source
Url
MISC
https://wordpress.org/plugins/lifterlms/#developershttps://wpvulndb.com/vulnerabilities/9871
Alert History
If you want to see full details history, please login or register. Date
Informations
2019-09-10 21:19:52
Support the originator by clicking the read the rest link below.