Description

WordPress allows remote attackers to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message.

Remediation

References

CVE-2007-1409

Related Vulnerabilities

OpenSSL Other Vulnerability (CVE-2014-5139)

WordPress Plugin Podlove Podcast Publisher Cross-Site Request Forgery (3.8.3)

MySQL CVE-2016-8287 Vulnerability (CVE-2016-8287)

Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2024-25605)

GeoServer CVE-2023-35042 Vulnerability (CVE-2023-35042)

Severity

Medium

Classification

CVE-2007-1409

Tags

Missing Update Known Vulnerabilities