CVSS: 7.5EPSS: 91%CPEs: 1EXPL: 4CVE-2009-2762 – WordPress Core < 2.8.4 - Forced Password Reset
https://notcve.org/view.php?id=CVE-2009-2762
wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to force a password reset for the first user in the database, possibly the administrator, via a key[] array variable in a resetpass (aka rp) action, which bypasses a check that assumes that $key is not an array. wp-login.php en WordPress v2.8.3 y anteriores que permite a los atacantes remotos a forzar el restablecimiento de la contraseña para el primer usuario en la base de datos, posiblemente el administrador, a través de un key[] array variable en una acción resetpass (también conocido como rp), lo que evita un control que asume que $key no es un array. • https://www.exploit-db.com/exploits/6421 https://www.exploit-db.com/exploits/6397 https://www.exploit-db.com/exploits/9410 http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0114.html http://core.trac.wordpress.org/changeset/11798 http://secunia.com/advisories/36237 http://wordpress.org/development/2009/08/2-8-4-security-release http://www.exploit-db.com/exploits/9410 http://www.securityfocus.com/bid/36014 http://www.securitytracker.com/id?1022707 https:// • CWE-255: Credentials Management Errors CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2009-2854 – WordPress Core < 2.8.3 - Missing Authorization
https://notcve.org/view.php?id=CVE-2009-2854
Wordpress before 2.8.3 does not check capabilities for certain actions, which allows remote attackers to make unauthorized edits or additions via a direct request to (1) edit-comments.php, (2) edit-pages.php, (3) edit.php, (4) edit-category-form.php, (5) edit-link-category-form.php, (6) edit-tag-form.php, (7) export.php, (8) import.php, or (9) link-add.php in wp-admin/. Wordpress antes de v2.8.3 no comprueba los privilegios de ciertas acciones, lo cual facilita a atacantes remotos a la hora de hacer modificaciones no autorizadas a través de una solicitud directa a (1) edit-comments.php, (2)edit-pages.php, (3) edit. php, (4) edit-category-form.php (5) edit-link-category-form.php, (6) edit-tag-form.php, (7) export.php, (8) import.php, o (9) link-add.php en wp-admin/. • http://core.trac.wordpress.org/changeset/11765 http://core.trac.wordpress.org/changeset/11766 http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release http://www.debian.org/security/2009/dsa-1871 http://www.openwall.com/lists/oss-security/2009/08/04/5 • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 1%CPEs: 57EXPL: 2CVE-2009-2853 – WordPress Core < 2.8.3 - Authorization Bypass
https://notcve.org/view.php?id=CVE-2009-2853
Wordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.php, and (8) edit-tag-form.php in wp-admin/. Wordpress anterior a v2.8.3 permite a atacantes remotos conseguir privilegios a traves de una peticion directa a (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.php, y (8) edit-tag-form.php en wp-admin/. • http://core.trac.wordpress.org/changeset/11768 http://core.trac.wordpress.org/changeset/11769 http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release http://www.debian.org/security/2009/dsa-1871 http://www.openwall.com/lists/oss-security/2009/08/04/5 • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2009-2851 – WordPress Core <= 2.8.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-2851
Cross-site scripting (XSS) vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el interfaz de administrador en Wordpress anterior a v2.8.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria a través de una URL de comentarios de autor. • https://www.exploit-db.com/exploits/9250 http://bugs.gentoo.org/show_bug.cgi?id=278492 http://securitytracker.com/id?1022589 http://wordpress.org/development/2009/07/wordpress-2-8-2 http://www.debian.org/security/2009/dsa-1871 http://www.openwall.com/lists/oss-security/2009/07/21/1 https://bugzilla.redhat.com/show_bug.cgi?id=512900 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01241.html https://www.redhat.com/archives/fedora-package-announce/ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 101EXPL: 1CVE-2009-2432 – WordPress Core & WordPress MU < 2.8.1 - Full Path Disclosure
https://notcve.org/view.php?id=CVE-2009-2432
WordPress and WordPress MU before 2.8.1 allow remote attackers to obtain sensitive information via a direct request to wp-settings.php, which reveals the installation path in an error message. WordPress y WordPress MU antes de v2.8.1 permite a atacantes remotos obtener información sensible a través de una solicitud directa a wp-settings.php, el cual revela la ruta de instalación en un mensaje de error. • http://corelabs.coresecurity.com/index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked http://securitytracker.com/id?1022528 http://www.osvdb.org/55717 http://www.securityfocus.com/archive/1/504795/100/0/threaded http://www.vupen.com/english/advisories/2009/1833 https://exchange.xforce.ibmcloud.com/vulnerabilities/51734 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •