CVE Vulnerabilities

CVE-2005-2110

Published: Jul 05, 2005 | Modified: Oct 19, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via (1) a direct request to menu-header.php or a 1 value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an error message. NOTE: vector [1] was later reported to also affect WordPress 2.0.1.

Affected Software

Name Vendor Start Version End Version
Wordpress Wordpress 1.0.1 1.0.1
Wordpress Wordpress 1.0.2 1.0.2
Wordpress Wordpress 1.5.1.2 1.5.1.2
Wordpress Wordpress 1.2 1.2
Wordpress Wordpress 1.0 1.0
Wordpress Wordpress 1.5 1.5
Wordpress Wordpress 1.5.1 1.5.1

References