CVE-2006-4028 — Wordpress vulnerability

6 documents5 sources

Severity

10.0CRITICALNVD

OSV5.0

EPSS

5.6%

top 9.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wordpress Debian Wordpress

Timeline

PublishedAug 9

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in WordPress before 2.0.4 have unknown impact and remote attack vectors. NOTE: due to lack of details, it is not clear how these issues are different from CVE-2006-3389 and CVE-2006-3390, although it is likely that 2.0.4 addresses an unspecified issue related to "Anyone can register" functionality (user registration for guests).

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶debiandebian/wordpress< wordpress 2.0.4-1 (bookworm)

▶Debianwordpress/wordpress< 2.0.4-1+3

▶NVDwordpress/wordpress4 versions+3

Patches

Patch: secunia.com ↗Patch: wordpress.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-5fp4-c42w-xqf3: Multiple unspecified vulnerabilities in WordPress before 2↗2022-05-01

▶

OSV

CVE-2006-4028: Multiple unspecified vulnerabilities in WordPress before 2↗2006-08-09

▶

📋Vendor Advisories

Debian

CVE-2006-4028: wordpress - Multiple unspecified vulnerabilities in WordPress before 2.0.4 have unknown impa...↗2006

▶

💬Community

Bugzilla

CVE-2006-4028, wordpress: multiple vulnerabilities↗2006-08-10

▶

Bugzilla

CVE-2006-4028, wordpress: multiple vulnerabilities↗2006-08-10

▶