CVE-2009-2853

Name of the Vulnerable Software and Affected Versions Wordpress versions prior to 2.8.3

Description The issue allows remote attackers to gain privileges via a direct request to certain files in the wp-admin/ directory, including admin-footer.php, edit-category-form.php, edit-form-advanced.php, edit-form-comment.php, edit-link-category-form.php, edit-link-form.php, edit-page-form.php, and edit-tag-form.php.

Recommendations For versions prior to 2.8.3, update to version 2.8.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the wp-admin/ directory to minimize the risk of exploitation.