Lucene search
HistoryDec 06, 2010 - 1:37 p.m.
CVE-2010-4403
wordpress
register plus
plugin
security
cve-2010-4403
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.0%
The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message.
Affected configurations
Node
devbitsregister-plusRange≤3.5.1
ORdevbitsregister-plusMatch1.1
ORdevbitsregister-plusMatch1.2
ORdevbitsregister-plusMatch2.0
ORdevbitsregister-plusMatch2.1
ORdevbitsregister-plusMatch2.2
ORdevbitsregister-plusMatch2.3
ORdevbitsregister-plusMatch2.4
ORdevbitsregister-plusMatch2.5
ORdevbitsregister-plusMatch2.6
ORdevbitsregister-plusMatch2.7
ORdevbitsregister-plusMatch2.8
ORdevbitsregister-plusMatch2.9
ORdevbitsregister-plusMatch3.0
ORdevbitsregister-plusMatch3.0.1
ORdevbitsregister-plusMatch3.0.2
ORdevbitsregister-plusMatch3.1
ORdevbitsregister-plusMatch3.2
ORdevbitsregister-plusMatch3.3
ORdevbitsregister-plusMatch3.4
ORdevbitsregister-plusMatch3.4.1
ORdevbitsregister-plusMatch3.5
wordpresswordpress
Related
ubuntucve
ubuntucve
CVE-2010-4403
2010-12-06 00:00:00
nvd
nvd
CVE-2010-4403
2010-12-06 13:37:32
prion
prion
Information disclosure
2010-12-06 13:37:00
cvelist
cvelist
CVE-2010-4403
2010-12-04 23:00:00
wpvulndb
wpvulndb
Register Plus <= 3.5.1 - Full Path Disclosure
2010-11-25 00:00:00
patchstack
patchstack
WordPress Register Plus Plugin <= 3.5.1 - Multiple Vulnerabilities
2010-12-04 00:00:00
openvas
openvas
WordPress Register Plus Plugin Multiple Vulnerabilities
2010-12-27 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.0%
Related for CVE-2010-4403