Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WordPress <= 2.3.3 'index.php' Arbitrary File Access



The remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.


The version of WordPress installed on the remote host is vulnerable to a directory traversal attack. An attacker exploiting this flaw would send malformed data to the 'cat' parameter of the 'index.php' script. Successful exploitation would result in the attacker gaining access to confidential files on the target server.


Upgrade to WordPress 2.5, or higher.