Description
wp-login.php in WordPress 2.0.5 and earlier displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.
Remediation
References
Related Vulnerabilities
Apache version older than 1.3.39
WordPress Plugin JetWidgets For Elementor Multiple Cross-Site Scripting Vulnerabilities (1.0.8)
WordPress Plugin Add Link to Facebook Cross-Site Scripting (2.3)
WordPress Plugin Download Monitor Information Disclosure (1.6.3)
WordPress Plugin Quick Buy For Woocommerce Arbitrary File Disclosure (2.0)