CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
86.4%
Wordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.php, and (8) edit-tag-form.php in wp-admin/.
Vendor | Product | Version | CPE |
---|---|---|---|
wordpress | wordpress | 0.71 | cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:* |
wordpress | wordpress | 0.71 | cpe:2.3:a:wordpress:wordpress:0.71:beta:*:*:*:*:*:* |
wordpress | wordpress | 0.71 | cpe:2.3:a:wordpress:wordpress:0.71:beta_3:*:*:*:*:*:* |
wordpress | wordpress | 0.72 | cpe:2.3:a:wordpress:wordpress:0.72:*:*:*:*:*:*:* |
wordpress | wordpress | 0.72 | cpe:2.3:a:wordpress:wordpress:0.72:beta_1:*:*:*:*:*:* |
wordpress | wordpress | 0.72 | cpe:2.3:a:wordpress:wordpress:0.72:beta_2:*:*:*:*:*:* |
wordpress | wordpress | 0.72 | cpe:2.3:a:wordpress:wordpress:0.72:rc1:*:*:*:*:*:* |
wordpress | wordpress | 0.711 | cpe:2.3:a:wordpress:wordpress:0.711:*:*:*:*:*:*:* |
wordpress | wordpress | 1.0 | cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:* |
wordpress | wordpress | 1.0.1 | cpe:2.3:a:wordpress:wordpress:1.0.1:miles:*:*:*:*:*:* |