Descrição
An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import function in the class.llms.admin.import.php script is prone to an unauthenticated options import vulnerability that could lead to privilege escalation (administrator account creation), website redirection, and stored XSS.
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2019-15896
Tags
Nâo informado
Data de publicação
10/09/2019
Última atualização
08/12/2024
Pontuação em CVSS 3.0
9.8
Crítico