Description
Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Other Vulnerability (CVE-2004-0113)
WebLogic CVE-2020-2869 Vulnerability (CVE-2020-2869)
WordPress Plugin Uji Countdown Cross-Site Scripting (2.0.6)
WordPress Plugin Chat-Support Board-WordPress Chat Privilege Escalation (3.3.8)
WordPress Plugin Leaflet Maps Marker Pro Multiple Vulnerabilities (1.5.7)