Description

WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source.

Remediation

References

CVE-2009-2431

Related Vulnerabilities

GlassFish Improper Input Validation Vulnerability (CVE-2011-5035)

Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-42029)

WordPress Plugin Meta Box-WordPress Custom Fields Framework Arbitrary File Upload (4.16.1)

Oracle Database Server CVE-2010-2407 Vulnerability (CVE-2010-2407)

Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39118)

Severity

Medium

Classification

CVE-2009-2431 CWE-20

Tags

Missing Update Known Vulnerabilities