Description

wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified user_id parameter.

Remediation

References

CVE-2006-6016

Related Vulnerabilities

WordPress Plugin Gallery-Flagallery Photo Portfolio Information Disclosure (4.24)

Apache HTTP Server CVE-2004-0786 Vulnerability (CVE-2004-0786)

Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17542)

WordPress Plugin LearnPress-WordPress LMS Security Bypass (3.2.6.6)

MySQL CVE-2020-14846 Vulnerability (CVE-2020-14846)

Severity

Medium

Classification

CVE-2006-6016

Tags

Missing Update Known Vulnerabilities