Home » 2009 » July » 10
WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures
Core Security Technologies - CoreLabs Advisory
  http://www.coresecurity.com/corelabs/

WordPress Privileges Unchecked in admin.php and Multiple Information
Disclosures



1. *Advisory Information*

Title: WordPress Privileges Unchecked in admin.php and Multiple
Information Disclosures
Advisory ID: CORE-2009-0515
Advisory URL:
http://corelabs.coresecurity.com/index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked
Date published: 2009-07-08
Date of last update: 2009-07-08
Vendors contacted: WordPress
Release mode: Coordinated release


2. *Vulnerability Information*

Class: Local file include, Privileges unchecked, Cross site scripting
(XSS), Information disclosure
Remotely Exploitable: Yes
Locally Exploitable: No
Bugtraq ID: 35581, 35584
CVE Name: CVE-2009-2334, CVE-2009-2335, CVE-2009-2336


3. *Vulnerability Description*

WordPress is a web application written i ... Read more »
Views: 11243 | Added by: apeh1706 | Date: 10 July 2009 | Comments (15)

close