WordPress prior to 3.7.5, 3.8.x prior to 3.8.5, 3.9.x prior to 3.9.3, and 4.x prior to 4.0.1 might allow remote malicious users to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mageia project mageia 4 |
||
mageia project mageia 3 |
||
wordpress wordpress 3.8 |
||
wordpress wordpress 3.9 |
||
wordpress wordpress 3.9.2 |
||
wordpress wordpress 3.8.1 |
||
wordpress wordpress 3.8.2 |
||
wordpress wordpress 3.8.3 |
||
wordpress wordpress 3.8.4 |
||
wordpress wordpress |
||
wordpress wordpress 3.9.1 |
||
wordpress wordpress 4.0 |
||
debian debian linux 7.0 |
||
debian debian linux 8.0 |