CVE-2008-4769
EPSS 17.7%
Description
Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from third party information.
How to fix CVE-2008-4769
To remediate CVE-2008-4769, upgrade the affected package to a fixed version below.
- Debian/wordpress—upgrade to 2.5.1-1 or later
Is CVE-2008-4769 being exploited?
Moderate — EPSS is 17.7%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.5.1-1