Path Disclosure Vulnerability in Organizer Plugin for WordPress
CVE-2012-6512

Currently unrated

Key Information:

Vendor: Wordpress
Status: Organizer
Vendor: CVE Published:; 24 January 2013

Summary

The Organizer plugin version 1.2.1 for WordPress contains a path disclosure vulnerability that allows remote attackers to gain access to sensitive information regarding the installation path. This vulnerability can be exploited through various entry points, such as 'plugin_hook.php', 'page/index.php', 'page/dir.php', 'page/options.php', 'page/resize.php', 'page/upload.php', 'page/users.php', and 'page/view.php'. These vulnerabilities can potentially lead to further attacks if the information is used by malicious actors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/75107

vdb-entryx_refsource_XF

http://packetstormsecurity.org/files/112086/WordPress-Org...

x_refsource_MISC

http://websecurity.com.ua/5782

x_refsource_MISC

Timeline

Vulnerability published
Jan 24, 2013
Vulnerability Reserved
Jan 23, 2013