CVE Vulnerabilities

CVE-2012-4422

Published: Sep 14, 2012 | Modified: Sep 17, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.5 LOW
AV:N/AC:M/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
LOW

wp-admin/plugins.php in WordPress before 3.4.2, when the multisite feature is enabled, does not check for network-administrator privileges before performing a network-wide activation of an installed plugin, which might allow remote authenticated users to make unintended plugin changes by leveraging the Administrator role.

Affected Software

Name Vendor Start Version End Version
Wordpress Wordpress * 3.4.1 (including)
Wordpress Wordpress 0.71 (including) 0.71 (including)
Wordpress Wordpress 1.0 (including) 1.0 (including)
Wordpress Wordpress 1.0.1 (including) 1.0.1 (including)
Wordpress Wordpress 1.0.2 (including) 1.0.2 (including)
Wordpress Wordpress 1.1.1 (including) 1.1.1 (including)
Wordpress Wordpress 1.2 (including) 1.2 (including)
Wordpress Wordpress 1.2.1 (including) 1.2.1 (including)
Wordpress Wordpress 1.2.2 (including) 1.2.2 (including)
Wordpress Wordpress 1.2.3 (including) 1.2.3 (including)
Wordpress Wordpress 1.2.4 (including) 1.2.4 (including)
Wordpress Wordpress 1.2.5 (including) 1.2.5 (including)
Wordpress Wordpress 1.2.5-a (including) 1.2.5-a (including)
Wordpress Wordpress 1.3 (including) 1.3 (including)
Wordpress Wordpress 1.3.2 (including) 1.3.2 (including)
Wordpress Wordpress 1.3.3 (including) 1.3.3 (including)
Wordpress Wordpress 1.5 (including) 1.5 (including)
Wordpress Wordpress 1.5.1 (including) 1.5.1 (including)
Wordpress Wordpress 1.5.1.1 (including) 1.5.1.1 (including)
Wordpress Wordpress 1.5.1.2 (including) 1.5.1.2 (including)
Wordpress Wordpress 1.5.1.3 (including) 1.5.1.3 (including)
Wordpress Wordpress 1.5.2 (including) 1.5.2 (including)
Wordpress Wordpress 2.0 (including) 2.0 (including)
Wordpress Wordpress 2.0.1 (including) 2.0.1 (including)
Wordpress Wordpress 2.0.2 (including) 2.0.2 (including)
Wordpress Wordpress 2.0.4 (including) 2.0.4 (including)
Wordpress Wordpress 2.0.5 (including) 2.0.5 (including)
Wordpress Wordpress 2.0.6 (including) 2.0.6 (including)
Wordpress Wordpress 2.0.7 (including) 2.0.7 (including)
Wordpress Wordpress 2.0.8 (including) 2.0.8 (including)
Wordpress Wordpress 2.0.9 (including) 2.0.9 (including)
Wordpress Wordpress 2.0.10 (including) 2.0.10 (including)
Wordpress Wordpress 2.0.11 (including) 2.0.11 (including)
Wordpress Wordpress 2.1 (including) 2.1 (including)
Wordpress Wordpress 2.1.1 (including) 2.1.1 (including)
Wordpress Wordpress 2.1.2 (including) 2.1.2 (including)
Wordpress Wordpress 2.1.3 (including) 2.1.3 (including)
Wordpress Wordpress 2.2 (including) 2.2 (including)
Wordpress Wordpress 2.2.1 (including) 2.2.1 (including)
Wordpress Wordpress 2.2.2 (including) 2.2.2 (including)
Wordpress Wordpress 2.2.3 (including) 2.2.3 (including)
Wordpress Wordpress 2.3 (including) 2.3 (including)
Wordpress Wordpress 2.3.1 (including) 2.3.1 (including)
Wordpress Wordpress 2.3.2 (including) 2.3.2 (including)
Wordpress Wordpress 2.3.3 (including) 2.3.3 (including)
Wordpress Wordpress 2.5 (including) 2.5 (including)
Wordpress Wordpress 2.5.1 (including) 2.5.1 (including)
Wordpress Wordpress 2.6 (including) 2.6 (including)
Wordpress Wordpress 2.6.1 (including) 2.6.1 (including)
Wordpress Wordpress 2.6.2 (including) 2.6.2 (including)
Wordpress Wordpress 2.6.3 (including) 2.6.3 (including)
Wordpress Wordpress 2.6.5 (including) 2.6.5 (including)
Wordpress Wordpress 2.7 (including) 2.7 (including)
Wordpress Wordpress 2.7.1 (including) 2.7.1 (including)
Wordpress Wordpress 2.8 (including) 2.8 (including)
Wordpress Wordpress 2.8.1 (including) 2.8.1 (including)
Wordpress Wordpress 2.8.2 (including) 2.8.2 (including)
Wordpress Wordpress 2.8.3 (including) 2.8.3 (including)
Wordpress Wordpress 2.8.4 (including) 2.8.4 (including)
Wordpress Wordpress 2.8.4-a (including) 2.8.4-a (including)
Wordpress Wordpress 2.8.5 (including) 2.8.5 (including)
Wordpress Wordpress 2.8.5.1 (including) 2.8.5.1 (including)
Wordpress Wordpress 2.8.5.2 (including) 2.8.5.2 (including)
Wordpress Wordpress 2.8.6 (including) 2.8.6 (including)
Wordpress Wordpress 2.9 (including) 2.9 (including)
Wordpress Wordpress 2.9.1 (including) 2.9.1 (including)
Wordpress Wordpress 2.9.1.1 (including) 2.9.1.1 (including)
Wordpress Wordpress 2.9.2 (including) 2.9.2 (including)
Wordpress Wordpress 3.0 (including) 3.0 (including)
Wordpress Wordpress 3.0.1 (including) 3.0.1 (including)
Wordpress Wordpress 3.0.2 (including) 3.0.2 (including)
Wordpress Wordpress 3.0.3 (including) 3.0.3 (including)
Wordpress Wordpress 3.0.4 (including) 3.0.4 (including)
Wordpress Wordpress 3.0.5 (including) 3.0.5 (including)
Wordpress Wordpress 3.0.6 (including) 3.0.6 (including)
Wordpress Wordpress 3.1 (including) 3.1 (including)
Wordpress Wordpress 3.1.1 (including) 3.1.1 (including)
Wordpress Wordpress 3.1.2 (including) 3.1.2 (including)
Wordpress Wordpress 3.1.3 (including) 3.1.3 (including)
Wordpress Wordpress 3.1.4 (including) 3.1.4 (including)
Wordpress Wordpress 3.2 (including) 3.2 (including)
Wordpress Wordpress 3.2-beta1 (including) 3.2-beta1 (including)
Wordpress Wordpress 3.2.1 (including) 3.2.1 (including)
Wordpress Wordpress 3.3 (including) 3.3 (including)
Wordpress Wordpress 3.3.1 (including) 3.3.1 (including)
Wordpress Wordpress 3.3.2 (including) 3.3.2 (including)
Wordpress Wordpress 3.3.3 (including) 3.3.3 (including)
Wordpress Wordpress 3.4.0 (including) 3.4.0 (including)
Wordpress Ubuntu hardy *
Wordpress Ubuntu lucid *
Wordpress Ubuntu natty *
Wordpress Ubuntu oneiric *
Wordpress Ubuntu precise *
Wordpress Ubuntu upstream *

References