CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2015-9487 – Almera Responsive Portfolio Site Template < 1.1.8 - Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2015-9487
The ThemeMakers Almera Responsive Portfolio theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. El tema ThemeMakers Almera Responsive Portfolio versiones hasta el 15-05-2015 para WordPress, permite a atacantes remotos obtener información confidencial (tal y como valores de los parámetros user_login, user_pass y user_email) por medio de una petición directa para el URI wp-content/uploads/tmm_db_migrate/wp_users.dat. • https://packetstormsecurity.com/files/131957 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2015-9488 – Almera Responsive Portfolio Site Template < 2015-05-15 - Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2015-9488
The ThemeMakers Almera Responsive Portfolio Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. El componente ThemeMakers Almera Responsive Portfolio Site Template versiones hasta el 15-05-2015 para WordPress, permite a atacantes remotos obtener información confidencial (tal y como valores de los parámetros user_login, user_pass y user_email) por medio de una petición directa para el URI wp-content/uploads/tmm_db_migrate/wp_users.dat. The ThemeMakers Almera Responsive Portfolio Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. **This template is a site theme, not a WordPress theme. • https://packetstormsecurity.com/files/131957 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •