3.6.006

DATE	CVE	VULNERABILITY TITLE	RISK
2014-05-23	CVE-2014-3848	Permissions, Privileges, and Access Controls vulnerability in Imember360 The iMember360 plugin before 3.9.001 for WordPress does not properly restrict access, which allows remote attackers to obtain database credentials via the i4w_dbinfo parameter. network low complexity imember360 CWE-264	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.