[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-0682Date: (C)2010-02-23   (M)2023-12-22


WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.0
Exploit Score: 8.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SECUNIA-38592
SECUNIA-42871
OSVDB-62330
FEDORA-2010-19329
FEDORA-2010-19330
http://hakre.wordpress.com/2010/02/16/the-short-memory-of-wordpress-org-security/
http://tmacuk.co.uk/?p=180
http://wordpress.org/development/2010/02/wordpress-2-9-2/
https://core.trac.wordpress.org/ticket/11236

CPE    2
cpe:/a:wordpress:wordpress:2.9
cpe:/a:wordpress:wordpress:2.9.1
CWE    1
CWE-264
OVAL    2
oval:org.secpod.oval:def:101204
oval:org.secpod.oval:def:101176

© SecPod Technologies