CVE

CVE-2019-15873

CVE-2019-15873

The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via an wp-admin/admin-ajax.php request with the action=pm_template_preview&html=<?php substring followed by PHP code.

Source: CVE-2019-15873

Exit mobile version