WordPress 2.2.x and 2.3.x allows remote malicious users to obtain sensitive information via an invalid p parameter in an rss2 action to the default URI, which reveals the full path and the SQL database structure.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wordpress wordpress 2.2 |
||
wordpress wordpress 2.3 |