Published: 11/12/2012 Updated: 11/12/2012

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

simple-gmail-login.php in the Simple Gmail Login plugin prior to 1.1.4 for WordPress allows remote malicious users to obtain sensitive information via a request that lacks a timezone, leading to disclosure of the installation path in a stack trace.

Vulnerable Product	Search on Vulmon	Subscribe to Product
simple_gmail_login 1.1.3
simple_gmail_login 1.1.2

source: wwwsecurityfocuscom/bid/56860/info The Simple Gmail Login plugin for Wordpress is prone to an information-disclosure vulnerability Attackers can exploit this issue to obtain sensitive information that may lead to further attacks Simple Gmail Login 113 and prior are vulnerable Fatal error: Uncaught exception 'Exception' wit ...

WordPress Simple Gmail Login plugin suffers from a stack trace error condition that can lead to full path disclosure ...

CWE-200 http://archives.neohapsis.com/archives/bugtraq/2012-12/0061.html http://wordpress.org/extend/plugins/simple-gmail-login/changelog/https://nvd.nist.gov https://www.exploit-db.com/exploits/38111/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-6313

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect