ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 2.0.6 - Full Path disclosure

Product
WordPress
Description
Because of this vulnerability, the attackers can obtain sensitive information via an invalid m[] parameter.
Solution
Update the WordPress to the latest available version (at least 2.0.7).
Classification
Type Information Disclosure
OWASP Top 10 A6: Sensitive Data Exposure
References
CVE Mitre
CVE
Name CVE-2007-0262
Versions
Affected In <= 2.0.6
Fixed In 2.0.7
Disclosure date
2007-01-16
Credits
Xy7
Submitter
ThreatPress