vendor:
WordPress
by:
irk4z
4.3
CVSS
MEDIUM
SQL Column Truncation Vulnerability
89
CWE
Product Name: WordPress
Affected Version From: 2.6.2001
Affected Version To: 2.6.2001
Patch Exists: No
Related CWE: N/A
CPE: a:wordpress:wordpress:2.6.1
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
WordPress 2.6.1 SQL Column Truncation Vulnerability (PoC)
This vulnerability allows an attacker to remotely change the admin password of a WordPress website if registration is enabled. The attacker first registers an account with the username 'admin' followed by 55 spaces and the letter 'x'. This creates a duplicate 'admin' account in the database. The attacker then requests a password reset for the duplicate account and the password is changed, but the new password is sent to the correct admin email.
Mitigation:
Disable registration on the WordPress website or limit the length of usernames.