CVE-2015-9490 (gamestheme_premium)

The ThemeMakers GamesTheme Premium theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI.

View Full Alert

Related Posts

  • CVE-2015-6960

    edx-platform before 2015-09-17 allows XSS via a team name. View Full Alert

  • CVE-2015-9297

    The events-manager plugin before 5.6 for WordPress has XSS. View Full Alert

  • CVE-2015-9295

    The contact-form-plugin plugin before 3.96 for WordPress has XSS. View Full Alert