WordPress and WordPress MU before 2.8.1 allow remote attackers to obtain sensitive information via a direct request to wp-settings.php, which reveals the installation path in an error message.
2009-07-10T21:00:00.297
2025-04-09T00:30:58.490
Deferred
CVSSv2: 5.0 (MEDIUM)
AV:N/AC:L/Au:N/C:P/I:N/A:N
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | wordpress | wordpress | ≤ 2.7.1 | Yes |
| Application | wordpress | wordpress | 0.6.2 | Yes |
| Application | wordpress | wordpress | 0.6.2 | Yes |
| Application | wordpress | wordpress | 0.6.2.1 | Yes |
| Application | wordpress | wordpress | 0.6.2.1 | Yes |
| Application | wordpress | wordpress | 0.7 | Yes |
| Application | wordpress | wordpress | 0.71 | Yes |
| Application | wordpress | wordpress | 0.71-gold | Yes |
| Application | wordpress | wordpress | 0.72 | Yes |
| Application | wordpress | wordpress | 0.72 | Yes |
| Application | wordpress | wordpress | 0.72 | Yes |
| Application | wordpress | wordpress | 0.72 | Yes |
| Application | wordpress | wordpress | 0.711 | Yes |
| Application | wordpress | wordpress | 1.0 | Yes |
| Application | wordpress | wordpress | 1.0 | Yes |
| Application | wordpress | wordpress | 1.0 | Yes |
| Application | wordpress | wordpress | 1.0 | Yes |
| Application | wordpress | wordpress | 1.0 | Yes |
| Application | wordpress | wordpress | 1.0-platinum | Yes |
| Application | wordpress | wordpress | 1.0.1 | Yes |
| Application | wordpress | wordpress | 1.0.1-miles | Yes |
| Application | wordpress | wordpress | 1.0.2 | Yes |
| Application | wordpress | wordpress | 1.0.2-blakey | Yes |
| Application | wordpress | wordpress | 1.2 | Yes |
| Application | wordpress | wordpress | 1.2 | Yes |
| Application | wordpress | wordpress | 1.2-delta | Yes |
| Application | wordpress | wordpress | 1.2-mingus | Yes |
| Application | wordpress | wordpress | 1.2.1 | Yes |
| Application | wordpress | wordpress | 1.2.2 | Yes |
| Application | wordpress | wordpress | 1.3.1 | Yes |
| Application | wordpress | wordpress | 1.4 | Yes |
| Application | wordpress | wordpress | 1.5 | Yes |
| Application | wordpress | wordpress | 1.5-strayhorn | Yes |
| Application | wordpress | wordpress | 1.5.1 | Yes |
| Application | wordpress | wordpress | 1.5.1.1 | Yes |
| Application | wordpress | wordpress | 1.5.1.2 | Yes |
| Application | wordpress | wordpress | 1.5.1.3 | Yes |
| Application | wordpress | wordpress | 1.5.2 | Yes |
| Application | wordpress | wordpress | 1.6 | Yes |
| Application | wordpress | wordpress | 2.0 | Yes |
| Application | wordpress | wordpress | 2.0.1 | Yes |
| Application | wordpress | wordpress | 2.0.2 | Yes |
| Application | wordpress | wordpress | 2.0.3 | Yes |
| Application | wordpress | wordpress | 2.0.4 | Yes |
| Application | wordpress | wordpress | 2.0.5 | Yes |
| Application | wordpress | wordpress | 2.0.6 | Yes |
| Application | wordpress | wordpress | 2.0.7 | Yes |
| Application | wordpress | wordpress | 2.0.8 | Yes |
| Application | wordpress | wordpress | 2.0.9 | Yes |
| Application | wordpress | wordpress | 2.0.10 | Yes |
| Application | wordpress | wordpress | 2.0.10_rc1 | Yes |
| Application | wordpress | wordpress | 2.0.10_rc2 | Yes |
| Application | wordpress | wordpress | 2.0.11 | Yes |
| Application | wordpress | wordpress | 2.1 | Yes |
| Application | wordpress | wordpress | 2.1 | Yes |
| Application | wordpress | wordpress | 2.1.1 | Yes |
| Application | wordpress | wordpress | 2.1.2 | Yes |
| Application | wordpress | wordpress | 2.1.3 | Yes |
| Application | wordpress | wordpress | 2.1.3_rc1 | Yes |
| Application | wordpress | wordpress | 2.1.3_rc2 | Yes |
| Application | wordpress | wordpress | 2.2 | Yes |
| Application | wordpress | wordpress | 2.2.0 | Yes |
| Application | wordpress | wordpress | 2.2.1 | Yes |
| Application | wordpress | wordpress | 2.2.2 | Yes |
| Application | wordpress | wordpress | 2.2.3 | Yes |
| Application | wordpress | wordpress | 2.2_revision5002 | Yes |
| Application | wordpress | wordpress | 2.2_revision5003 | Yes |
| Application | wordpress | wordpress | 2.3 | Yes |
| Application | wordpress | wordpress | 2.3 | Yes |
| Application | wordpress | wordpress | 2.3 | Yes |
| Application | wordpress | wordpress | 2.3.1 | Yes |
| Application | wordpress | wordpress | 2.3.1 | Yes |
| Application | wordpress | wordpress | 2.3.2 | Yes |
| Application | wordpress | wordpress | 2.3.3 | Yes |
| Application | wordpress | wordpress | 2.5 | Yes |
| Application | wordpress | wordpress | 2.5.1 | Yes |
| Application | wordpress | wordpress | 2.6 | Yes |
| Application | wordpress | wordpress | 2.6.1 | Yes |
| Application | wordpress | wordpress | 2.6.3 | Yes |
| Application | wordpress | wordpress | 2.6.5 | Yes |
| Application | wordpress | wordpress_mu | ≤ 2.7 | Yes |
| Application | wordpress | wordpress_mu | 1.1 | Yes |
| Application | wordpress | wordpress_mu | 1.1.1 | Yes |
| Application | wordpress | wordpress_mu | 1.2 | Yes |
| Application | wordpress | wordpress_mu | 1.2.1 | Yes |
| Application | wordpress | wordpress_mu | 1.2.2 | Yes |
| Application | wordpress | wordpress_mu | 1.2.3 | Yes |
| Application | wordpress | wordpress_mu | 1.2.4 | Yes |
| Application | wordpress | wordpress_mu | 1.2.4 | Yes |
| Application | wordpress | wordpress_mu | 1.2.5a | Yes |
| Application | wordpress | wordpress_mu | 1.3 | Yes |
| Application | wordpress | wordpress_mu | 1.3.1 | Yes |
| Application | wordpress | wordpress_mu | 1.3.2 | Yes |
| Application | wordpress | wordpress_mu | 1.3.3 | Yes |
| Application | wordpress | wordpress_mu | 1.5 | Yes |
| Application | wordpress | wordpress_mu | 1.5.1 | Yes |
| Application | wordpress | wordpress_mu | 2.6 | Yes |
| Application | wordpress | wordpress_mu | 2.6.1 | Yes |
| Application | wordpress | wordpress_mu | 2.6.2 | Yes |
| Application | wordpress | wordpress_mu | 2.6.3 | Yes |
| Application | wordpress | wordpress_mu | 2.6.5 | Yes |