WordPress 'wp-admin/admin.php' Module Configuration Security Bypass Vulnerability (0.6.2 - 2.8)

Description

WordPress is prone to a security bypass vulnerability. Authenticated attackers may exploit this issue to gain access to configuration scripts, which may allow them to obtain sensitive information or elevate privileges; other attacks may also be possible. WordPress versions 2.8 and prior are vulnerable.

Remediation

Update to WordPress version 2.8.1 or latest

References