Privilege Escalation in WpQuiz Plugin by WordPress
CVE-2004-1704

Currently unrated

Key Information:

Vendor: WordPress
Status: WPquiz
Vendor: CVE Published:; 30 July 2004

What is CVE-2004-1704?

The WpQuiz plugin for WordPress versions 2.60b1 through 2.60b8 contains a vulnerability that allows remote attackers to escalate their privileges. By making a direct request to the adminrestore.php script located in the extras directory, adversaries can gain unauthorized administrative access. This poses a significant risk to the security and integrity of the WordPress installation, as it may allow malicious users to manipulate user roles and configurations.

References

http://www.osvdb.org/8321

vdb-entryx_refsource_OSVDB

http://marc.info/?l=bugtraq&m=109122270013514&w=2

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/16848

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Feb 26, 2005
Vulnerability published
Jul 30, 2004