- WordPress is prone to multiple vulnerabilities, including directory traversal, security bypass and Denial of Service vulnerabilities. Exploiting these issues can allow an attacker to obtain sensitive information that could aid in launching further attacks, to perform otherwise restricted actions and subsequently list certain metadata information of other users or to cause a Denial of Service (application crash), thus denying service to legitimate users. WordPress version 2.0.4 is vulnerable.
- Update to WordPress version 2.0.5 or latest
- WordPress Plugin WordPress Landing Pages Multiple Vulnerabilities (1.8.4)
- WordPress Plugin WP Mobile Detector Arbitrary File Upload (3.5)
- WordPress Plugin PitchPrint Arbitrary File Upload (7.2.1)
- WordPress Plugin WP Maintenance Mode Multiple Vulnerabilities (2.0.3)
- WordPress Plugin Buddypress Xprofile Custom Fields Type Arbitrary File Deletion (2.6.3)