Описание
wp-login.php in WordPress 2.0.5 and earlier displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | |
| edgy | ignored | end of life, was needed |
| feisty | not-affected | |
| gutsy | not-affected | |
| hardy | not-affected | |
| intrepid | not-affected | |
| jaunty | not-affected | |
| karmic | not-affected | |
| upstream | released | 2.0.6 |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
wp-login.php in WordPress 2.0.5 and earlier displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.
wp-login.php in WordPress 2.0.5 and earlier displays different error m ...
wp-login.php in WordPress 2.0.5 and earlier displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.
EPSS
5 Medium
CVSS2