ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 3.4.1 - Multiple vulnerabilities

Product
WordPress
Description
Multiple vulnerabilities are in the wp-admin/plugins.php. Because of that, remote authenticated users can make unintended plugin changes by leveraging the Administrator role.
Solution
Update WordPress.
Classification
Type Multi
References
CVE Mitre
CVE
Name CVE-2012-4422
Versions
Affected In <= 3.4.1
Fixed In 3.4.2
Disclosure date
2012-08-21
Credits
Kurt Seifried