Description
WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the (1) wp-admin, (2) wp-content, and (3) wp-includes directories, possibly due to uninitialized variables.
Remediation
References
Related Vulnerabilities
WordPress Plugin Post Lists View Custom Cross-Site Scripting (1.7.1)
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-32036)
WordPress Plugin Store Locator Plus for WordPress Open Email Relay (4.2.25)
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2020-36238)
WordPress Plugin Responsive Slider-Image Slider-Slideshow for WordPress SQL Injection (2.6.8)