CVE-2012-2402

2012-04-2123:55:00

CWE-264

[email protected]

web.nvd.nist.gov

wordpress

cve

2012

2402

vulnerability

wp-admin

plugins.php

nvd

5.8 Medium

AI Score

Confidence

Low

5.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

0.002 Low

EPSS

Percentile

51.8%

JSON

wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors.

CPENameOperatorVersion
wordpress:wordpresswordpresseq3.0.5
wordpress:wordpresswordpresseq2.8.5.2
wordpress:wordpresswordpresseq1.2.3
wordpress:wordpresswordpresseq2.0.11
wordpress:wordpresswordpresseq1.3.3
wordpress:wordpresswordpresseq2.8.6
wordpress:wordpresswordpresseq2.0
wordpress:wordpresswordpresseq2.1.1
wordpress:wordpresswordpresseq2.2.3
wordpress:wordpresswordpresseq2.0.2

CPE	Name	Operator	Version
wordpress:wordpress	wordpress	eq	3.0.5
wordpress:wordpress	wordpress	eq	2.8.5.2
wordpress:wordpress	wordpress	eq	1.2.3
wordpress:wordpress	wordpress	eq	2.0.11
wordpress:wordpress	wordpress	eq	1.3.3
wordpress:wordpress	wordpress	eq	2.8.6
wordpress:wordpress	wordpress	eq	2.0
wordpress:wordpress	wordpress	eq	2.1.1
wordpress:wordpress	wordpress	eq	2.2.3
wordpress:wordpress	wordpress	eq	2.0.2