5 matches found
CVE-2009-2334
Technical details about CVE-2009-2334 (affected WordPress plugins/config exposure, root cause, affected versions, exploitability) are not publicly provided in the connected documents. Monitor for updates.
CVE-2009-2335
CVE-2009-2335 affects WordPress and WordPress MU prior to 2.8.1, where a failed login behaves differently depending on whether the user account exists, enabling remote enumeration of valid usernames. The vendor reportedly disputes the significance of the issue, calling the behavior for user conve...
CVE-2009-1030
Technical details about CVE-2009-1030 are not provided in the attached documents. Monitor for updates from vendors and security advisories.
CVE-2009-2336
CVE-2009-2336 affects WordPress and WordPress MU prior to 2.8.1, where the password reset/request behavior differs based on account existence, enabling remote username enumeration. The issue has a CVSS 2.0 base score of 5.0 (Network, Low attack complexity, No authentication). The vendor reportedl...
CVE-2009-2432
CVE-2009-2432 affects WordPress and WordPress MU prior to 2.8.1. The flaw allows remote attackers to disclose the installation path via a direct request to wp-settings.php, resulting in exposure of server filesystem information. This is an information-disclosure vulnerability with no documented e...