WordPress Multiple Existing/Non-Existing Username Enumeration Weaknesses

Bugtraq ID: 35581
Class: Design Error
CVE: CVE-2009-2335
CVE-2009-2336
Remote: Yes
Local: No
Published: Jul 08 2009 12:00AM
Updated: Aug 21 2009 03:54PM
Credit: Fernando Arnaboldi and José Orlicki from Core Security Technologies
Vulnerable: WordPress WordPress MU 2.7.1
WordPress WordPress MU 2.7
WordPress WordPress MU 2.6
WordPress WordPress 2.6.5
WordPress WordPress 2.6.2
WordPress WordPress 2.6.1
WordPress WordPress 2.5.1
WordPress WordPress 2.3.3
WordPress WordPress 2.3.2
WordPress WordPress 2.3.1
WordPress WordPress 2.2.3
WordPress WordPress 2.2.2
WordPress WordPress 2.2.1
WordPress WordPress 2.2.1
WordPress WordPress 2.1.3
WordPress WordPress 2.1.3
WordPress WordPress 2.1.2
WordPress WordPress 2.1.1
WordPress WordPress 2.0.11
WordPress WordPress 2.0.10
WordPress WordPress 2.0.7
WordPress WordPress 2.0.6
WordPress WordPress 2.0.5
WordPress WordPress 2.0.4
WordPress WordPress 2.0.3
WordPress WordPress 2.0.2
WordPress WordPress 2.0.1
WordPress WordPress 2.0
WordPress WordPress 2.8
WordPress WordPress 2.6
WordPress WordPress 2.5
WordPress WordPress 2.3
WordPress WordPress 2.2 Revision 5003
WordPress WordPress 2.2 Revision 5002
WordPress WordPress 2.2
WordPress WordPress 2.1.3-RC2
WordPress WordPress 2.1.3-RC1
WordPress WordPress 2.1
WordPress WordPress 2.0.10-RC2
WordPress WordPress 2.0.10-RC1
Red Hat Fedora 11
Red Hat Fedora 10
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus