Wpml Wpml : Security vulnerabilities, CVEs Bypass

CVE-2015-2792

The WPML plugin before 3.1.9 for WordPress does not properly handle multiple actions in a request, which allows remote attackers to bypass nonce checks and perform arbitrary actions via a request containing an action POST parameter, an action GET parameter, and a valid nonce for the action GET parameter.

Max CVSS

7.5

EPSS Score

0.53%

Published

2015-03-30

Updated

2015-03-31

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Wpml » Wpml : Security Vulnerabilities, CVEs, (Bypass)

CVE-2015-2792