PT-2009-2236 · WordPress · Wordpress
Publicado
2009-04-28
·
Atualizado
2017-08-17
·
CVE-2008-6767
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
WordPress versions 2.6.x
Description:
The issue allows remote attackers to upgrade the application and possibly cause a denial of service via a direct request to the
wp-admin/upgrade.php endpoint.Recommendations:
For WordPress versions 2.6.x, consider restricting access to the
wp-admin/upgrade.php endpoint to prevent unauthorized upgrades and potential denial of service.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Wordpress