ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 2.8.2 - BYPASS

Product
WordPress
Description
Because of this admin password reset security Bypass vulnerability, the attackers can force a password reset for the first user in the database, possibly the administrator.
Solution
Update WordPress.
Classification
Type BYPASS
References
CVE Mitre
CVE
Name CVE-2009-2762
Versions
Affected In <= 2.8.2
Fixed In 2.8.3
Disclosure date
2009-08-13
Credits
Laurent Gaffie