VID |
210086 |
Severity |
20 |
Port |
80, ... |
Protocol |
TCP |
Class |
CGI |
Detailed Description |
WordPress is vulnerable to an information disclosure flaw in the 'wp-includes/query.php' script. WordPress is a freely available PHP-based publishing program that uses a MySQL backend database. WordPress version 2.3.1 and earlier could allow a remote attacker to disclose sensitive information because the 'is_admin()' function in 'wp-includes/query.php' did not check for administrative credentials: it treated any request whose URI contained the string 'wp-admin/' as an administrative request. By sending a specially crafted request to the 'index.php' script with a URL containing 'wp-admin/', an unauthenticated remote attacker could cause the front-end query to skip the filtering applied to non-administrative requests, bypass the intended access restrictions and disclose sensitive information such as the content of unpublished (draft) posts.
* References:
  http://trac.wordpress.org/ticket/5487
  http://www.securityfocus.com/archive/1/485160/30/0/threaded
  http://secunia.com/advisories/28130/
* Platforms Affected: Matthew Mullenweg, WordPress version 2.3.1 and earlier; any operating system, any version |
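The flaw described above, as an added example that is not WordPress's own code: a 2.3.1-style is_admin() that infers admin context from a substring of the request URI, beside a 2.3.2-style check that relies only on a flag set by the admin bootstrap, both driving the same post filter. The helper names, the `$admin_bootstrap_ran` flag standing in for a WP_ADMIN-style constant, and the sample posts and request URIs are assumptions for illustration.

```php
<?php
// Added illustration, not WordPress's own source: a URI-substring "admin"
// check beside a bootstrap-flag check, run over the same requests.
// Function names, the $admin_bootstrap_ran flag and the sample data are assumptions.

declare(strict_types=1);

// Vulnerable pattern (2.3.1-era logic): admin context is inferred from the
// request URI, so any front-end request that merely contains 'wp-admin/'
// in its path or query string is treated as an administrative request.
function is_admin_vulnerable(string $request_uri): bool
{
    return stripos($request_uri, 'wp-admin/') !== false;
}

// Fixed pattern (2.3.2-style): admin context is a flag that only the admin
// bootstrap sets before any query runs; the request URI plays no part.
// $admin_bootstrap_ran stands in for a constant such as WP_ADMIN being defined.
function is_admin_fixed(bool $admin_bootstrap_ran): bool
{
    return $admin_bootstrap_ran;
}

// Query layer: on the public front end only published posts may be returned;
// in admin context the unfiltered set is returned so editors can see drafts.
function visible_posts(array $posts, bool $admin_context): array
{
    if ($admin_context) {
        return $posts;
    }
    return array_values(array_filter(
        $posts,
        static fn(array $p): bool => $p['status'] === 'publish'
    ));
}

// Constructed sample data: one public post, two that must never leak.
$posts = [
    ['title' => 'Hello world',        'status' => 'publish'],
    ['title' => 'Unannounced launch', 'status' => 'draft'],
    ['title' => 'Board notes',        'status' => 'private'],
];

// Constructed front-end requests; none of them ran the admin bootstrap.
$requests = [
    '/',
    '/index.php?wp-admin/',
    '/index.php/wp-admin/',
    '/?s=wp-admin/',
];

foreach ($requests as $uri) {
    $leaked = visible_posts($posts, is_admin_vulnerable($uri));
    $safe   = visible_posts($posts, is_admin_fixed(false));
    printf("%-22s vulnerable shows %d post(s), fixed shows %d post(s)\n",
           $uri, count($leaked), count($safe));
}
```

Run with `php example.php`. Only the plain `/` request returns one post under the vulnerable check; every URI containing 'wp-admin/' returns all three, draft and private included, while the fixed check returns one post for all four requests because none of them came through the admin bootstrap. The point for reviewers is that the request URI is attacker-controlled and therefore cannot carry authorization meaning; the decision has to come from server-side state set by the code path that actually enforces the login.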
Recommendation |
Upgrade to the latest version of WordPress (2.3.2 or later), available from the WordPress download site at http://wordpress.org/download/. WordPress 2.3.2 was released as a security update specifically to stop unpublished drafts from being exposed through this flaw. |
Related URL |
(CVE) |
Related URL |
26885 (SecurityFocus) |
Related URL |
(ISS) |