← back
CVE-2017-1002008

CVE-2017-1002008

EPSS 16.9%
Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.
Affected products
William DeAngelis · membership-simplified-for-oap-members-only
public PoCs found2
cve_referencewww.exploit-db.com/exploits/41622/unverifiedexploitdbwww.exploit-db.com/exploits/41622unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://wordpress.org/plugins/membership-simplified-for-oap-members-onlyhttps://wpvulndb.com/vulnerabilities/8777https://www.exploit-db.com/exploits/41622/http://www.vapidlabs.com/advisory.php?v=187