ThreatPress

WordPress Vulnerabilities Database


WordPress - Privileges Unchecked in admin.php and Multiple Information Disclosures

Product
WordPress
Description
This WordPress vulnerability lies in the way WordPress handles certain URL requests to wp-admin/admin.php: the privileges of the requesting user are not checked before the configuration page of a plugin is loaded. As a result, unprivileged users can view the content of some plugins' configuration pages and, in some plugins, modify plugin options and inject arbitrary JavaScript code. If the blog administrator later opens a page that carries the injected JavaScript, the script runs in the administrator's browser and can, for example, edit the blog's PHP code through the administrative interface. Most blogs powered by WordPress and hosted outside "WordPress.com" let any person register an unprivileged user account (a "subscriber"), so the attacker does not need to be a trusted user. Disclosure of sensitive information about usernames was also found in WordPress.
Solution
The vulnerability can be mitigated by controlling access to the files inside the "wp-admin" folder, for example with Apache's access control mechanism (an ".htaccess" file). Note that this only limits who can reach the unchecked code; the issue itself is removed by upgrading to WordPress 2.8.1.
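The following ".htaccess" file is an added example of the mitigation described above; it is not part of the advisory or of WordPress itself. It assumes the file is placed at the WordPress root in wp-admin/.htaccess, that Apache's AllowOverride permits Limit/AuthConfig directives in that directory, and that 203.0.113.0/24 stands in for the administrators' network (a placeholder address). It allows both the Apache 2.2 and Apache 2.4 access-control syntax.

```apache
# Added example (not from the advisory): restrict wp-admin/ to trusted addresses.
# Location assumed: <wordpress-root>/wp-admin/.htaccess
# 203.0.113.0/24 is a placeholder for the administrators' network (assumption).

# Apache 2.4 and later: mod_authz_core provides "Require".
<IfModule mod_authz_core.c>
    Require ip 203.0.113.0/24
    # admin-ajax.php is requested by front-end plugin code on behalf of
    # ordinary visitors, so it must stay reachable from anywhere.
    <Files admin-ajax.php>
        Require all granted
    </Files>
</IfModule>

# Apache 2.2: mod_access "Order/Deny/Allow" syntax.
<IfModule !mod_authz_core.c>
    Order Deny,Allow
    Deny from all
    Allow from 203.0.113.0/24
    <Files admin-ajax.php>
        Order Allow,Deny
        Allow from all
    </Files>
</IfModule>
```

With this in place, a subscriber requesting wp-admin/admin.php?page=... from outside the listed network receives a 403 before WordPress runs at all, which closes the unchecked-privilege path for such users. Subscribers on the allowed network are still unaffected by the rule, and the file blocks legitimate remote use of the dashboard as well, so it is a stopgap until the upgrade to 2.8.1, not a replacement for it. Check the effect with a plain HTTP request from an outside address (for example with curl) against wp-admin/admin.php and against wp-admin/admin-ajax.php: the first should return 403, the second should not.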
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE-2009-2334
Versions
Affected In <= 2.8
Fixed In 2.8.1
Disclosure date
2009-07-10
Credits
Core Security