Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure

Affects WordPresses

fixed in version 3.5.2
fixed in version 3.5.2
fixed in version 3.5.2
fixed in version 3.5.2
fixed in version 3.5.2

References

URL https://seclists.org/fulldisclosure/2013/Jul/70

Classification

Type FPD
OWASP Top 10 A6: Security Misconfiguration
CWE CWE-200

Miscellaneous

Views 9044
Verified No
WPVDB ID 5978

Timeline

Publicly Published 2013-06-21 (over 6 years ago)
Added 2014-08-01 (over 5 years ago)
Last Updated 2019-10-21 (about 2 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin