Lucene search
HistoryAug 18, 2009 - 9:00 p.m.
CVE-2009-2852
cve-2009-2852
wp-syntax plugin
wordpress
remote code execution
nvd
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
Low
0.02 Low
EPSS
Percentile
89.0%
WP-Syntax plugin 0.9.1 and earlier for Wordpress, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via the test_filter[wp_head] array parameter to test/index.php, which is used in a call to the call_user_func_array function.
Affected configurations
Node
ryan.mcgearywp-syntaxRangeβ€0.9.1
wordpresswordpress
| CPE | Name | Operator | Version |
|---|---|---|---|
| ryan.mcgeary:wp-syntax | ryan.mcgeary wp-syntax | le | 0.9.1 |
Related
patchstack
patchstack
WordPress WP-Syntax Plugin <= 0.9.1 - Remote Command Execution
2009-08-27 00:00:00
WordPress Zedity Plugin <= 2.4.0 - Cross Site Scripting
2014-08-01 00:00:00
seebug
seebug
WordPress WP-Syntaxζδ»ΆθΏη¨PHP代η ζ§θ‘ζΌζ΄
2009-08-28 00:00:00
prion
prion
Code injection
2009-08-18 21:00:00
cvelist
cvelist
CVE-2009-2852
2009-08-18 20:41:00
nvd
nvd
CVE-2009-2852
2009-08-18 21:00:00
nessus
nessus
WP-Syntax Plugin for WordPress 'apply_filters' function Command Execution
2009-08-14 00:00:00
wpvulndb
wpvulndb
WP-Syntax < 0.9.10 - Remote Comm& Execution
2014-08-01 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
Low
0.02 Low
EPSS
Percentile
89.0%
Related for CVE-2009-2852