CVE-2006-4028 | Vulnerability Database | Aqua Security

Multiple unspecified vulnerabilities in WordPress before 2.0.4 have unknown impact and remote attack vectors. NOTE: due to lack of details, it is not clear how these issues are different from CVE-2006-3389 and CVE-2006-3390, although it is likely that 2.0.4 addresses an unspecified issue related to Anyone can register functionality (user registration for guests).

Affected Software

Name	Vendor	Start Version	End Version
Wordpress	Wordpress	2.0 (including)	2.0 (including)
Wordpress	Wordpress	2.0.1 (including)	2.0.1 (including)
Wordpress	Wordpress	2.0.2 (including)	2.0.2 (including)
Wordpress	Wordpress	2.0.3 (including)	2.0.3 (including)
Wordpress	Ubuntu	dapper	*
Wordpress	Ubuntu	upstream	*

References

http://bugs.gentoo.org/show_bug.cgi?id=142142
http://secunia.com/advisories/21309
http://secunia.com/advisories/21447
http://security.gentoo.org/glsa/glsa-200608-19.xml
http://unknowngenius.com/blog/archives/2006/07/26/critical-announcement-to-all-wordpress-users/
http://unknowngenius.com/blog/archives/2006/07/27/followup-on-wordpress/
http://wordpress.org/development/2006/07/wordpress-204/
http://www.osvdb.org/27633
http://www.securityfocus.com/bid/19247
http://www.vupen.com/english/advisories/2006/3071
http://bugs.gentoo.org/show_bug.cgi?id=142142
http://secunia.com/advisories/21309
http://secunia.com/advisories/21447
http://security.gentoo.org/glsa/glsa-200608-19.xml
http://unknowngenius.com/blog/archives/2006/07/26/critical-announcement-to-all-wordpress-users/
http://unknowngenius.com/blog/archives/2006/07/27/followup-on-wordpress/
http://wordpress.org/development/2006/07/wordpress-204/
http://www.osvdb.org/27633
http://www.securityfocus.com/bid/19247
http://www.vupen.com/english/advisories/2006/3071

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-4028
CWE	https://cwe.mitre.org/data/definitions/.html