1. Home
  2. CVE Database
  3. CVE-2015-9485
HIGH · 7.5

CVE-2015-9485

The ThemeMakers Accio Responsive Parallax One Page Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and ...

Vulnerability Description

The ThemeMakers Accio Responsive Parallax One Page Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
Accio Responsive Onepage Parallax Site Template ProjectAccio Responsive Onepage Parallax Site Template<= 2015-05-15

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2015-9485?

CVE-2015-9485 is a vulnerability with a CVSS score of 7.5 (HIGH). The ThemeMakers Accio Responsive Parallax One Page Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and ...

How severe is CVE-2015-9485?

CVE-2015-9485 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-9485?

Check the references section above for vendor advisories and patch information. Affected products include: Accio Responsive Onepage Parallax Site Template Project Accio Responsive Onepage Parallax Site Template.