CVE-2014-8604

Currently unrated

Key Information:

Vendor: Wordpress
Status: Xcloner
Vendor: CVE Published:; 10 June 2015

Summary

The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! returns the MySQL password in cleartext to a text box in the configuration panel, which allows remote attackers to obtain sensitive information via unspecified vectors.

References

http://www.vapid.dhs.org/advisories/wordpress/plugins/Xcl...

x_refsource_MISC

http://www.vapid.dhs.org/advisory.php?v=110

x_refsource_MISC

Timeline

Vulnerability published
Jun 10, 2015
Vulnerability Reserved
Nov 4, 2014