- WordPress is prone to a security bypass vulnerability. Authenticated attackers may exploit this issue to gain access to configuration scripts, which may allow them to obtain sensitive information or elevate privileges; other attacks may also be possible. WordPress versions 2.8 and prior are vulnerable.
- Update to WordPress version 2.8.1 or latest
- WordPress Plugin WP Survey And Quiz Tool 'action' Parameter Cross-Site Scripting (1.2.1)
- WordPress Plugin Email Subscribers & Newsletters Information Disclosure (3.4.7)
- WordPress Plugin NextCellent Gallery-NextGEN Legacy Cross-Site Scripting (1.9.27)
- WordPress Plugin Peugeot Music Arbitrary File Upload (1.0)
- Apache 2.x version older than 2.0.48