Lucene search

[email protected]NVD:CVE-2010-0682

HistoryFeb 23, 2010 - 8:30 p.m.

CVE-2010-0682

2010-02-2320:30:00

CWE-264

[email protected]

web.nvd.nist.gov

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.5%

JSON

WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.

Affected configurations

NVD

Node

wordpresswordpressMatch2.9

wordpresswordpressMatch2.9.1

wordpresswordpressMatch2.9.1beta1

wordpresswordpressMatch2.9.1rc1

References

hakre.wordpress.com/2010/02/16/the-short-memory-of-wordpress-org-security/

lists.fedoraproject.org/pipermail/package-announce/2011-January/052917.html

lists.fedoraproject.org/pipermail/package-announce/2011-January/052932.html

secunia.com/advisories/38592

secunia.com/advisories/42871

tmacuk.co.uk/?p=180

wordpress.org/development/2010/02/wordpress-2-9-2/

www.osvdb.org/62330

core.trac.wordpress.org/ticket/11236

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.5%

JSON

Related for NVD:CVE-2010-0682

cve1 debiancve1 ubuntucve1 patchstack1 prion1 openvas7 wpvulndb1 cvelist1 nessus2 fedora2