Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-5297HistoryJan 21, 2014 - 1:55 a.m.
CVE-2010-5297
2014-01-2101:55:03
Debian Security Bug Tracker
security-tracker.debian.org
8
wordpress
multisite
access restriction
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
EPSS
0.002
Percentile
58.8%
WordPress before 3.0.1, when a Multisite installation is used, permanently retains the “site administrators can add users” option once changed, which might allow remote authenticated administrators to bypass intended access restrictions in opportunistic circumstances via an add action after a temporary change.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | < 3.0.1-1 | wordpress_3.0.1-1_all.deb |
| Debian | 11 | all | wordpress | < 3.0.1-1 | wordpress_3.0.1-1_all.deb |
| Debian | 999 | all | wordpress | < 3.0.1-1 | wordpress_3.0.1-1_all.deb |
| Debian | 13 | all | wordpress | < 3.0.1-1 | wordpress_3.0.1-1_all.deb |
Related
wpvulndb
wpvulndb
WordPress 2.0 - 3.0 Remote Authenticated Administrator Add Action Bypass
2014-08-01 10:58:24
nvd
nvd
CVE-2010-5297
2014-01-21 01:55:03
patchstack
patchstack
WordPress <= 3.0.0
2014-01-20 00:00:00
openvas
openvas
WordPress < 3.0.1 Access Restriction Bypass Vulnerability
2022-12-08 00:00:00
cve
cve
CVE-2010-5297
2014-01-21 01:55:03
nessus
nessus
WordPress < 3.0.1 Security Bypass
2014-03-12 00:00:00
ubuntucve
ubuntucve
CVE-2010-5297
2014-01-21 00:00:00
prion
prion
Design/Logic Flaw
2014-01-21 01:55:00
cvelist
cvelist
CVE-2010-5297
2014-01-21 01:00:00
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
EPSS
0.002
Percentile
58.8%
Related for DEBIANCVE:CVE-2010-5297