Sensitive Information Exposure in WP-Cumulus Plugin for WordPress
CVE-2009-4170

Currently unrated

Key Information:

Vendor: Wordpress
Status: WP-cumulus
Vendor: CVE Published:; 2 December 2009

What is CVE-2009-4170?

The WP-Cumulus plugin version 1.20 and potentially other versions enables remote attackers to exploit a flaw by sending crafted requests to the wp-cumulus.php endpoint. This could result in the disclosure of sensitive information, such as the installation path, through an error message. Proper validation and sanitization of inputs are critical to mitigate such vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://websecurity.com.ua/3665/

x_refsource_MISC

http://www.securityfocus.com/archive/1/508071/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Dec 2, 2009
Vulnerability Reserved
Dec 2, 2009

JSON

Wordpress

What is CVE-2009-4170?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.