Published: 10/07/2009 Updated: 10/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote malicious users to obtain sensitive information by reading the HTML source.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wordpress wordpress 2.7.1

Debian Bug report logs - #536724 wordpress: CORE-2009-0515 priviledges unchecked and multiple information disclosures Package: wordpress; Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon) Reported by: "Michael S Gilbert" <michaelsgilbert@gmailcom&g ...

Debian Bug report logs - #537146 CVE-2009-2431, CVE-2009-2432 Package: wordpress; Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon) Reported by: Giuseppe Iuculano <giuseppe@iuculanoit> Date: Wed, 15 Jul 2009 14:00:02 UTC Severity: important Tags ...

Debian Bug report logs - #531736 CVE-2008-6767, CVE-2008-6762 Package: wordpress; Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon) Reported by: Giuseppe Iuculano <giuseppe@iuculanoit> Date: Wed, 3 Jun 2009 17:27:02 UTC Severity: normal Tags: s ...

CWE-20 http://www.osvdb.org/55716 http://securitytracker.com/id?1022528 http://corelabs.coresecurity.com/index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked http://www.vupen.com/english/advisories/2009/1833 https://exchange.xforce.ibmcloud.com/vulnerabilities/51733 http://www.securityfocus.com/archive/1/504795/100/0/threaded https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536724

CVE-2009-2431

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect