Description

wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors.

Remediation

References

CVE-2012-2402

Related Vulnerabilities

Squid Improper Synchronization Vulnerability (CVE-2020-14059)

Piwigo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1469)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2355)

Internet Information Services Other Vulnerability (CVE-2002-1182)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29212)

Severity

Medium

Classification

CVE-2012-2402 CWE-264

Tags

Missing Update Known Vulnerabilities