Report
The iMember360 plugin before 3.9.001 for WordPress does not properly restrict access, which allows remote attackers to obtain database credentials via the i4w_dbinfo parameter.
Score:7.5
Severity:High
Version: 3.9.001
There is a patch available in v3.9.002 and we strongly recommend you update to this version as soon as possible.
