Description
WordPress and WordPress MU before 2.8.1 allow remote attackers to obtain sensitive information via a direct request to wp-settings.php, which reveals the installation path in an error message.
Remediation
References
Related Vulnerabilities
WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Unspecified Vulnerability (1.53)
WordPress Plugin WPML (WordPress Multilingual) Cross-Site Scripting (3.2.6)
MediaWiki Use of Insufficiently Random Values Vulnerability (CVE-2023-22912)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46731)