CVE-2009-2853
CRITICAL
10.0
CVSS Severity Score
Vulnerability Description
Wordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.php, and (8) edit-tag-form.php in wp-admin/.
Affected Platforms (CPE)
📦
Wordpress
Wordpress
= 0.71📦
Wordpress
Wordpress
= 0.71📦
Wordpress
Wordpress
= 0.71📦
Wordpress
Wordpress
= 0.72📦
Wordpress
Wordpress
= 0.72📦
Wordpress
Wordpress
= 0.72📦
Wordpress
Wordpress
= 0.72📦
Wordpress
Wordpress
= 0.711📦
Wordpress
Wordpress
= 1.0📦
Wordpress
Wordpress
= 1.0.1📦
Wordpress
Wordpress
= 1.0.1📦
Wordpress
Wordpress
= 1.2📦
Wordpress
Wordpress
= 1.2📦
Wordpress
Wordpress
= 1.2📦
Wordpress
Wordpress
= 1.2.1📦
Wordpress
Wordpress
= 1.2.2📦
Wordpress
Wordpress
= 1.5📦
Wordpress
Wordpress
= 1.5.1📦
Wordpress
Wordpress
= 1.5.1.3📦
Wordpress
Wordpress
= 1.5.2📦
Wordpress
Wordpress
= 2.0📦
Wordpress
Wordpress
= 2.0.1📦
Wordpress
Wordpress
= 2.0.2📦
Wordpress
Wordpress
= 2.0.3📦
Wordpress
Wordpress
= 2.0.4📦
Wordpress
Wordpress
= 2.0.5📦
Wordpress
Wordpress
= 2.0.6📦
Wordpress
Wordpress
= 2.0.7📦
Wordpress
Wordpress
= 2.0.9📦
Wordpress
Wordpress
= 2.0.10📦
Wordpress
Wordpress
= 2.0.11📦
Wordpress
Wordpress
= 2.1📦
Wordpress
Wordpress
= 2.1.1📦
Wordpress
Wordpress
= 2.1.1📦
Wordpress
Wordpress
= 2.1.2📦
Wordpress
Wordpress
= 2.1.3📦
Wordpress
Wordpress
= 2.2📦
Wordpress
Wordpress
= 2.2.1📦
Wordpress
Wordpress
= 2.2.2📦
Wordpress
Wordpress
= 2.2.3📦
Wordpress
Wordpress
= 2.3📦
Wordpress
Wordpress
= 2.3📦
Wordpress
Wordpress
= 2.3📦
Wordpress
Wordpress
= 2.3.1📦
Wordpress
Wordpress
= 2.3.1📦
Wordpress
Wordpress
= 2.3.2📦
Wordpress
Wordpress
= 2.5📦
Wordpress
Wordpress
= 2.5.1📦
Wordpress
Wordpress
= 2.6📦
Wordpress
Wordpress
= 2.6.1📦
Wordpress
Wordpress
= 2.6.2📦
Wordpress
Wordpress
= 2.6.3📦
Wordpress
Wordpress
= 2.7📦
Wordpress
Wordpress
= 2.7.1📦
Wordpress
Wordpress
= 2.8📦
Wordpress
Wordpress
= 2.8.1📦
Wordpress