Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-4403

Опубликовано: 06 дек. 2010
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:devbits:register-plus:*:*:*:*:*:*:*:*
Версия до 3.5.1 (включая)
cpe:2.3:a:devbits:register-plus:1.1:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:1.2:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:2.0:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:2.1:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:2.2:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:2.3:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:2.4:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:2.5:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:2.6:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:2.7:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:2.8:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:2.9:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:3.0:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:3.1:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:3.2:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:3.3:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:3.4:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:devbits:register-plus:3.5:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

EPSS

Процентиль: 52%
0.00285
Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2010-4403

ubuntu
больше 14 лет назад

The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message.

github логотип

GHSA-2vq6-7g93-mrhp

github
около 3 лет назад

The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message.

EPSS

Процентиль: 52%
0.00285
Низкий

5 Medium

CVSS2

Дефекты

CWE-200