CVE-2012-5469
Published 2012-12-20
Priority: P2 · 77 · high · CVSS 2.0: 7.5
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Tags: ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 23.75% (97.5th percentile)
The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
Affected
26 ranges · showing 25 (all listed entries are identical; no version range or fixed version is recorded)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpmyadmin | phpmyadmin | — | — |
Detection & IOCs (extracted from sources)
- Detect unauthenticated GET requests to the vulnerable plugin path wp-content/plugins/portable-phpmyadmin/wp-pma-mod — any direct request to this path without a valid WordPress session cookie indicates exploitation of CVE-2012-5469.
- Alert on HTTP requests targeting the path /wp-content/plugins/portable-phpmyadmin/wp-pma-mod, especially from external/unauthenticated sources, as this directly exposes a full phpMyAdmin console.
- The vulnerability affects Portable phpMyAdmin plugin version 1.3.0 and earlier; version 1.3.1 patches the issue. Ensure detection rules target only unpatched installations.
- The exposed phpMyAdmin console operates with the MySQL privilege level of the WordPress database configuration, meaning exploitation impact depends on the DB user's permissions.
CVSS provenance
- NVD (CVSS v2.0): 7.5 HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
- VulnCheck: 7.5 HIGH
GHSA
GHSA-jjpc-pf2f-wwgg · ghsa_unreviewed · 2022-05-17 · HIGH
The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
VulnCheck
Portable phpMyAdmin Plugin before 1.3.1 for WordPress Authentication Bypass
vulncheck · 2012 · CVSS 7.5 · HIGH
The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
Affected: phpMyAdmin / phpMyAdmin
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References:
- https://blog.checkpoint.com/security/april-2022s-most-wanted-malware-a-shake-up-in-the-index-but-emotet-is-still-on-top/
- https://blog.checkpoint.com/security/april-2024s-most-wanted-malware-surge-in-androxgh0st-attacks-and-the-decline-of-lockbit3/
No detection rules found.
No writeups or analysis indexed.