Security Advisory

CVE-2015-10139

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-07-19 11:23:36

Last updated 2026-04-08 16:59:36

Assigner Wordfence

State PUBLISHED

Description

The WPLMS theme for WordPress is vulnerable to Privilege Escalation in versions 1.5.2 to 1.8.4.1 via the wp_ajax_import_data AJAX action. This makes it possible for authenticated attackers to change otherwise restricted settings and potentially create a new accessible admin account.

← Browse all CVEs View on cve.org ↗