Lucene search
MitreCVE-2009-2853HistoryAug 18, 2009 - 9:00 p.m.
CVE-2009-2853
2009-08-1821:00:00
CWE-264
mitre
web.nvd.nist.gov
53
cve-2009-2853
wordpress
2.8.3
privilege escalation
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0.014
Percentile
86.4%
Wordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.php, and (8) edit-tag-form.php in wp-admin/.
Affected configurations
Node
wordpresswordpressMatch0.71
ORwordpresswordpressMatch0.71beta
ORwordpresswordpressMatch0.71beta_3
ORwordpresswordpressMatch0.72
ORwordpresswordpressMatch0.72beta_1
ORwordpresswordpressMatch0.72beta_2
ORwordpresswordpressMatch0.72rc1
ORwordpresswordpressMatch0.711
ORwordpresswordpressMatch1.0
ORwordpresswordpressMatch1.0.1miles
ORwordpresswordpressMatch1.0.1rc1
ORwordpresswordpressMatch1.2
ORwordpresswordpressMatch1.2beta
ORwordpresswordpressMatch1.2rc1
ORwordpresswordpressMatch1.2.1
ORwordpresswordpressMatch1.2.2
ORwordpresswordpressMatch1.5
ORwordpresswordpressMatch1.5.1
ORwordpresswordpressMatch1.5.1.3
ORwordpresswordpressMatch1.5.2
ORwordpresswordpressMatch2.0
ORwordpresswordpressMatch2.0.1
ORwordpresswordpressMatch2.0.2
ORwordpresswordpressMatch2.0.3
ORwordpresswordpressMatch2.0.4
ORwordpresswordpressMatch2.0.5ronan
ORwordpresswordpressMatch2.0.6
ORwordpresswordpressMatch2.0.7
ORwordpresswordpressMatch2.0.9
ORwordpresswordpressMatch2.0.10
ORwordpresswordpressMatch2.0.11
ORwordpresswordpressMatch2.1ella
ORwordpresswordpressMatch2.1.1
ORwordpresswordpressMatch2.1.1dangerous
ORwordpresswordpressMatch2.1.2
ORwordpresswordpressMatch2.1.3
ORwordpresswordpressMatch2.2
ORwordpresswordpressMatch2.2.1
ORwordpresswordpressMatch2.2.2
ORwordpresswordpressMatch2.2.3
ORwordpresswordpressMatch2.3
ORwordpresswordpressMatch2.3beta3
ORwordpresswordpressMatch2.3rc1
ORwordpresswordpressMatch2.3.1
ORwordpresswordpressMatch2.3.1rc1
ORwordpresswordpressMatch2.3.2
ORwordpresswordpressMatch2.5
ORwordpresswordpressMatch2.5.1
ORwordpresswordpressMatch2.6
ORwordpresswordpressMatch2.6.1
ORwordpresswordpressMatch2.6.2
ORwordpresswordpressMatch2.6.3
ORwordpresswordpressMatch2.7coltrane
ORwordpresswordpressMatch2.7.1
ORwordpresswordpressMatch2.8
ORwordpresswordpressMatch2.8.1
ORwordpresswordpressMatch2.8.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wordpress | wordpress | 0.71 | cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:* |
| wordpress | wordpress | 0.71 | cpe:2.3:a:wordpress:wordpress:0.71:beta:*:*:*:*:*:* |
| wordpress | wordpress | 0.71 | cpe:2.3:a:wordpress:wordpress:0.71:beta_3:*:*:*:*:*:* |
| wordpress | wordpress | 0.72 | cpe:2.3:a:wordpress:wordpress:0.72:*:*:*:*:*:*:* |
| wordpress | wordpress | 0.72 | cpe:2.3:a:wordpress:wordpress:0.72:beta_1:*:*:*:*:*:* |
| wordpress | wordpress | 0.72 | cpe:2.3:a:wordpress:wordpress:0.72:beta_2:*:*:*:*:*:* |
| wordpress | wordpress | 0.72 | cpe:2.3:a:wordpress:wordpress:0.72:rc1:*:*:*:*:*:* |
| wordpress | wordpress | 0.711 | cpe:2.3:a:wordpress:wordpress:0.711:*:*:*:*:*:*:* |
| wordpress | wordpress | 1.0 | cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:* |
| wordpress | wordpress | 1.0.1 | cpe:2.3:a:wordpress:wordpress:1.0.1:miles:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2009-08-18 21:00:00
dsquare
dsquare
WordPress 2.8.3 RCE
2012-05-10 00:00:00
ubuntucve
ubuntucve
CVE-2009-2853
2009-08-18 00:00:00
patchstack
patchstack
WordPress <= 2.8.2 - Multiple Vulnerabilities #2
2009-08-18 00:00:00
nessus
nessus
WordPress < 2.8.3 'wp-admin' Multiple Security Bypass Vulnerabilities
2018-01-26 00:00:00
Debian DSA-1871-1 : wordpress - several vulnerabilities
2010-02-24 00:00:00
cvelist
cvelist
CVE-2009-2853
2009-08-18 20:41:00
nvd
nvd
CVE-2009-2853
2009-08-18 21:00:00
debiancve
debiancve
CVE-2009-2853
2009-08-18 21:00:00
seebug
seebug
WordPress wp-admin้ๆๆ็ฎก็่ฎฟ้ฎๆผๆด
2009-09-02 00:00:00
openvas
openvas
WordPress 'wp-admin' Multiple Vulnerabilities (Aug 2009)
2009-08-20 00:00:00
Debian Security Advisory DSA 1871-2 (wordpress)
2009-09-02 00:00:00
Debian: Security Advisory (DSA-1871-1)
2009-09-02 00:00:00
debian
debian
[SECURITY] [DSA 1871-2] New wordpress packages fix regression
2009-08-27 01:39:01
[SECURITY] [DSA 1871-1] New wordpress packages fix several vulnerabilities
2009-08-23 03:41:14
osv
osv
wordpress - regression fix
2009-08-23 00:00:00
wordpress - several vulnerabilities
2009-08-23 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0.014
Percentile
86.4%
Related for CVE-2009-2853