High severity8.8NVD Advisory· Published Aug 26, 2018· Updated Jun 17, 2026
CVE-2018-15877
CVE-2018-15877
Description
The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainview_activity_monitor&tab=activity_tools request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2< 20180826+ 1 more
- (no CPE)range: < 20180826
- (no CPE)range: <20180826
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/155502/WordPress-Plainview-Activity-Monitor-20161228-Remote-Command-Execution.htmlnvdExploitThird Party AdvisoryVDB Entry
- packetstormsecurity.com/files/163425/WordPress-Plainview-Activity-Monitor-20161228-Remote-Code-Execution.htmlnvdExploitThird Party AdvisoryVDB Entry
- github.com/aas-n/CVE/tree/master/CVE-2018-15877nvdExploitThird Party Advisory
- www.exploit-db.com/exploits/45274/nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.