Wordpress Mu@* Security Vulnerabilities and Issues — Wordpress Mu@* CVE List

WordpressWordpress Mu*

4 matches found

CVE•added 2008/12/19 6:0 p.m.•184 views

CVE-2008-5695

CVE-2008-5695 affects WordPress MU pre-1.3.2 and WordPress pre-2.3.2, where wp-admin/options.php fails to properly validate option update requests. This allows remote authenticated users with manage_options and upload_files to execute arbitrary code by uploading a PHP script and adding its pathna...

8.5CVSS7.2AI score0.16371EPSS

Web

CVE•added 2009/07/10 8:25 p.m.•91 views

CVE-2009-2335

CVE-2009-2335 affects WordPress and WordPress MU prior to 2.8.1, where a failed login behaves differently depending on whether the user account exists, enabling remote enumeration of valid usernames. The vendor reportedly disputes the significance of the issue, calling the behavior for user conve...

5CVSS6.4AI score0.85338EPSS

CVE•added 2009/07/10 8:25 p.m.•62 views

CVE-2009-2336

CVE-2009-2336 affects WordPress and WordPress MU prior to 2.8.1, where the password reset/request behavior differs based on account existence, enabling remote username enumeration. The issue has a CVSS 2.0 base score of 5.0 (Network, Low attack complexity, No authentication). The vendor reportedl...

5CVSS6.6AI score0.02303EPSS

CVE•added 2008/10/22 10:0 a.m.•47 views

CVE-2008-4671

WordPress MU (WPMU)

4.3CVSS5.6AI score0.00813EPSS

Web