DEBIAN-CVE-2008-3747
The 1 geteditpostlink and 2 geteditcommentlink functions in wp-includes/link-template.php in WordPress before 2.6.1 do not force SSL communication in the intended situations, which might allow remote attackers to gain administrative access by sniffing the network for a cookie...