Description
repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.
Remediation
References
Related Vulnerabilities
WordPress Plugin Snazzy Maps Cross-Site Request Forgery (1.1.5)
WordPress Plugin DukaPress PHP Object Injection (3.1.20)
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (2.1.5)
WordPress Plugin WP Support Plus Responsive Ticket System Unspecified Vulnerability (8.0.7)
WordPress Plugin Multiple Page Generator-MPG Cross-Site Request Forgery (3.3.9)