VYPR
Medium severity5.9NVD Advisory· Published Sep 25, 2017· Updated Jun 17, 2026

CVE-2015-7315

CVE-2015-7315

Description

Plone 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, 4.2.0 through 4.2.7, 4.3.0 through 4.3.6, and 5.0rc1 allows remote attackers to add a new member to a Plone site with registration enabled, without acknowledgment of site administrator.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
Products.CMFPlonePyPI
>= 3.3.0, < 4.3.74.3.7
Products.CMFPlonePyPI
>= 5.0a1, < 5.0rc25.0rc2
PlonePyPI
>= 3.3, <= 3.3.6
PlonePyPI
>= 4.0a1, <= 4.0.10
PlonePyPI
>= 4.1a1, <= 4.1.6
PlonePyPI
>= 4.2a1, <= 4.2.7
PlonePyPI
>= 4.3a1, <= 4.3.6

Affected products

42
  • cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*+ 39 more
    • cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:4.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:plone:plone:5.0:rc1:*:*:*:*:*:*
  • ghsa-coords2 versions
    >= 3.3, <= 3.3.6+ 1 more
    • (no CPE)range: >= 3.3, <= 3.3.6
    • (no CPE)range: >= 3.3.0, < 4.3.7

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.