CVE-2006-4743 — Wordpress vulnerability

5 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

0.9%

top 24.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wordpress Debian Wordpress

Timeline

PublishedSep 13

Latest updateMay 1

Description

WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensitive information via a direct request for (1) 404.php, (2) akismet.php, (3) archive.php, (4) archives.php, (5) attachment.php, (6) blogger.php, (7) comments.php, (8) comments-popup.php, (9) dotclear.php, (10) footer.php, (11) functions.php, (12) header.php, (13) hello.php, (14) wp-content/themes/default/index.php, (15) links.php, (16) livejournal.php, (17) mt.php, (18) page.php, (19) rss.php, (20) searchform.php, (21) search.ph…

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/wordpress< wordpress 2.0.5-0.1 (bookworm)

▶Debianwordpress/wordpress< 2.0.5-0.1+3

▶NVDwordpress/wordpress4 versions+3

🔴Vulnerability Details

GHSA

GHSA-x3q2-3pwv-684v: WordPress 2↗2022-05-01

▶

OSV

CVE-2006-4743: WordPress 2↗2006-09-13

▶

📋Vendor Advisories

Debian

CVE-2006-4743: wordpress - WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensitive inform...↗2006

▶

💬Community

Bugzilla

CVE-2006-4743: wordpress information disclosure↗2006-09-14

▶