Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-2762 — Wordpress vulnerability

CWE-2557 documents5 sources

Severity

7.5HIGHNVD

EPSS

74.1%

top 1.15%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Wordpress Debian Wordpress

Timeline

PublishedAug 13

Latest updateMay 2

Description

wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to force a password reset for the first user in the database, possibly the administrator, via a key[] array variable in a resetpass (aka rp) action, which bypasses a check that assumes that $key is not an array.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/wordpress< wordpress 2.8.3-2 (bookworm)

▶Debianwordpress/wordpress< 2.8.3-2+3

▶NVDwordpress/wordpress2.8.3

Patches

Patch: wordpress.org ↗Patch: wordpress.org ↗

🔴Vulnerability Details

GHSA

GHSA-fxw5-28xr-82fm: wp-login↗2022-05-02

▶

OSV

CVE-2009-2762: wp-login↗2009-08-13

▶

💥Exploits & PoCs

Exploit-DB

WordPress Core 2.8.3 - Remote Admin Reset Password↗2009-08-11

▶

Exploit-DB

WordPress Core 2.6.1 - Admin Takeover (SQL Column Truncation)↗2008-09-10

▶

Exploit-DB

WordPress Core 2.6.1 - SQL Column Truncation↗2008-09-07

▶

📋Vendor Advisories

Debian

CVE-2009-2762: wordpress - wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to force a p...↗2009

▶