WordPress versions 2.2.x and 2.3.x have a vulnerability which allows malicious actors to gain access to sensitive information. This is done by sending a special request to the default web address with an invalid parameter. The response to this request reveals the exact file path and the structure of the associated database.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
