Sensitive Information Exposure in Register Plus Plugin for WordPress
CVE-2010-4403

Currently unrated

Key Information:

Vendor

Wordpress
Status
Register-plus
Vendor
CVE Published:
6 December 2010

What is CVE-2010-4403?

The Register Plus plugin version 3.5.1 and earlier for WordPress is susceptible to an information disclosure vulnerability that allows remote attackers to obtain sensitive details. By making a direct request to specific script files—namely, dash_widget.php and register-plus.php—attackers can trigger error messages that inadvertently expose the installation path of the WordPress site. This vulnerability poses risks as it reveals potentially exploitable information that can be leveraged for further attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://websecurity.com.ua/4539
x_refsource_MISC
http://packetstormsecurity.org/files/view/96143/registerp...
x_refsource_MISC
http://www.securityfocus.com/archive/1/514903/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.