VYPR
High severity8.8NVD Advisory· Published Jul 19, 2025· Updated Jun 17, 2026

CVE-2015-10139

CVE-2015-10139

Description

The WPLMS theme for WordPress is vulnerable to Privilege Escalation in versions 1.5.2 to 1.8.4.1 via the 'wp_ajax_import_data' AJAX action. This makes it possible for authenticated attackers to change otherwise restricted settings and potentially create a new accessible admin account.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.

CVE-2015-10139 · High · VYPR