CVE-2007-0109

wp-login.php in WordPress 2.0.5 and earlier displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*

Information

Published : 2007-01-08 16:28

Updated : 2018-10-16 09:31


NVD link : CVE-2007-0109

Mitre link : CVE-2007-0109


JSON object : View

Advertisement

dedicated server usa

Products Affected

wordpress

  • wordpress