ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 2.8.0 - Multiple vulnerabilities

Product
WordPress
Description
Because of these vulnerabilities, the attackers can obtain sensitive information via a direct request to wp-settings.php, that reveals the installation path in an error message.
Solution
Update WordPress.
Classification
Type Multi
References
CVE Mitre
CVE
Name CVE-2009-2432
Versions
Affected In <= 2.8.0
Fixed In 2.8.1
Disclosure date
2009-07-10
Credits
Fernando Arnaboldi