CVE-2008-0195

EPSS 2.4%

Published: 1/10/2008Modified: 5/27/2026

Description

WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages.

Affected packages (1)

Debian/wordpressfrom 0, < 2.1.0-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-0195