WordPress < 2.5.1 Crafted Cookie Authentication Bypass
High Nessus Network Monitor Plugin ID 4488
Synopsis
The remote host is vulnerable to a flaw that allows authenticated users to gain administrative access.

Description
The version of WordPress installed on the remote host is vulnerable to a flaw in the way that it handles cookies. Specifically, an attacker with the ability to create specific accounts would be able to use the flaw in the cookie handler to gain administrative access to the application.

Solution
Upgrade to WordPress 2.5.1, or later.