WordPress before 1.5.2 allows remote attackers to obtain sensitive information via a direct request to (1) wp-includes/vars.php, (2) wp-content/plugins/hello.php, (3) wp-admin/upgrade-functions.php, (4) wp-admin/edit-form.php, (5) wp-settings.php, and (6) wp-admin/edit-form-comment.php, which leaks the path in an error message related to undefined functions or failed includes. NOTE: the wp-admin/menu-header.php vector is already covered by CVE-2005-2110. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors were also reported to affect WordPress 2.0.1.
Max Base Score | 5.0 |
Published | 2005-12-21 |
Updated | 2018-10-19 |
EPSS | 0.60% |
CVE-2005-2612
Public exploit exists
Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
Max Base Score | 7.5 |
Published | 2005-08-17 |
Updated | 2008-09-05 |
EPSS | 12.66% |
WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via (1) a direct request to menu-header.php or a "1" value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an error message. NOTE: vector [1] was later reported to also affect WordPress 2.0.1.
Max Base Score | 5.0 |
Published | 2005-07-05 |
Updated | 2018-10-19 |
EPSS | 1.04% |
wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use.
Max Base Score | 5.0 |
Published | 2005-07-05 |
Updated | 2016-10-18 |
EPSS | 0.67% |
SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.
Max Base Score | 7.5 |
Published | 2005-07-05 |
Updated | 2016-10-18 |
EPSS | 0.26% |
Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter.
Max Base Score | 4.3 |
Published | 2005-07-05 |
Updated | 2016-10-18 |
EPSS | 0.35% |
SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php.
Max Base Score | 7.5 |
Published | 2005-06-01 |
Updated | 2016-10-18 |
EPSS | 1.83% |
Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message.
Max Base Score | 5.0 |
Published | 2005-05-20 |
Updated | 2016-10-18 |
EPSS | 0.44% |
SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter.
Max Base Score | 7.5 |
Published | 2005-05-20 |
Updated | 2016-10-18 |
EPSS | 0.32% |
Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post.
Max Base Score | 6.8 |
Published | 2005-05-02 |
Updated | 2016-10-18 |
EPSS | 0.48% |
10 vulnerabilities found