WordPress Multiple Path-Disclosure Vulnerabilities

vendor:
WordPress
by:
SecurityFocus
4,3
CVSS
MEDIUM
Path-Disclosure
200
CWE
Product Name: WordPress
Affected Version From: 3.4.2
Affected Version To: 3.4.2
Patch Exists: YES
Related CWE: N/A
CPE: a:wordpress:wordpress
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2012
WordPress Multiple Path-Disclosure Vulnerabilities

WordPress is prone to multiple path-disclosure vulnerabilities. Remote attackers can exploit these issues to obtain sensitive information that may lead to further attacks.
Mitigation:

Users should upgrade to the latest version of WordPress.
Source
Exploit-DB raw data:

source: https://www.securityfocus.com/bid/55597/info

WordPress is prone to multiple path-disclosure vulnerabilities.

Remote attackers can exploit these issues to obtain sensitive information that may lead to further attacks.

WordPress 3.4.2 is vulnerable; other versions may also be affected. 

http://www.example.com/learn/t/wordpress/wp-includes/vars.php
http://www.example.com/learn/t/wordpress/wp-includes/update.php
http://www.example.com/learn/t/wordpress/wp-includes/theme.php
http://www.example.com/learn/t/wordpress/wp-includes/theme-compat/sidebar.php
http://www.example.com/learn/t/wordpress/wp-includes/theme-compat/header.php
http://www.example.com/learn/t/wordpress/wp-includes/theme-compat/footer.php
http://www.example.com/learn/t/wordpress/wp-includes/theme-compat/comments.php
http://www.example.com/learn/t/wordpress/wp-includes/theme-compat/comments-popup.php
http://www.example.com/learn/t/wordpress/wp-includes/template-loader.php
http://www.example.com/learn/t/wordpress/wp-includes/taxonomy.php
http://www.example.com/learn/t/wordpress/wp-includes/shortcodes.php
http://www.example.com/learn/t/wordpress/wp-includes/script-loader.php
http://www.example.com/learn/t/wordpress/wp-includes/rss.php
http:www.example.com/learn/t/wordpress/wp-includes/rss-functions.php
http://www.example.com/learn/t/wordpress/wp-includes/registration.php
http://www.example.com/learn/t/wordpress/wp-includes/registration-functions.php
http://www.example.com/learn/t/wordpress/wp-includes/post.php
http://www.example.com/learn/t/wordpress/wp-includes/post-template.php
http://www.example.com/learn/t/wordpress/wp-includes/nav-menu-template.php
http://www.example.com/learn/t/wordpress/wp-includes/ms-settings.php
http://www.example.com/learn/t/wordpress/wp-includes/ms-functions.php
http://www.example.com/learn/t/wordpress/wp-includes/ms-default-filters.php
http://www.example.com/learn/t/wordpress/wp-includes/ms-default-constants.php
http://www.example.com/learn/t/wordpress/wp-includes/media.php
http://www.example.com/learn/t/wordpress/wp-includes/kses.php
http://www.example.com/learn/t/wordpress/wp-includes/js/tinymce/plugins/spellchecker/config.php
http://www.example.com/learn/t/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/PSpellShell.php
http://www.example.com/learn/t/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/PSpell.php
http://www.example.com/learn/t/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/GoogleSpell.php
http://www.example.com/learn/t/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/EnchantSpell.php
http://www.example.com/learn/t/wordpress/wp-includes/general-template.php
http://www.example.com/learn/t/wordpress/wp-includes/functions.php
http://www.example.com/learn/t/wordpress/wp-includes/feed-rss2.php
http://www.example.com/learn/t/wordpress/wp-includes/feed-rss2-comments.php
http://www.example.com/learn/t/wordpress/wp-includes/feed-rss.php
http://www.example.com/learn/t/wordpress/wp-includes/feed-rdf.php
http://www.example.com/learn/t/wordpress/wp-includes/feed-atom.php
http://www.example.com/learn/t/wordpress/wp-includes/feed-atom-comments.php
http://www.example.com/learn/t/wordpress/wp-includes/default-widgets.php
http://www.example.com/learn/t/wordpress/wp-includes/default-filters.php
http://www.example.com/learn/t/wordpress/wp-includes/comment-template.php
http://www.example.com/learn/t/wordpress/wp-includes/class.wp-styles.php
http://www.example.com/learn/t/wordpress/wp-includes/class.wp-scripts.php
http://www.example.com/learn/t/wordpress/wp-includes/class-wp-xmlrpc-server.php
http://www.example.com/learn/t/wordpress/wp-includes/class-wp-http-ixr-client.php
http://www.example.com/learn/t/wordpress/wp-includes/class-snoopy.php
http://www.example.com/learn/t/wordpress/wp-includes/class-feed.php
http://www.example.com/learn/t/wordpress/wp-includes/category-template.php
http://www.example.com/learn/t/wordpress/wp-includes/canonical.php
http://www.example.com/learn/t/wordpress/wp-includes/author-template.php
http://www.example.com/learn/t/wordpress/wp-includes/admin-bar.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/tag.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/single.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/sidebar.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/sidebar-footer.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/search.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/page.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/onecolumn-page.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/loop.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/loop-single.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/loop-page.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/loop-attachment.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/index.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/header.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/functions.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/footer.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/comments.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/category.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/author.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/attachment.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/archive.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyten/404.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/tag.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/single.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/sidebar.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/sidebar-page.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/sidebar-footer.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/showcase.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/search.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/page.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/index.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/inc/widgets.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/inc/theme-options.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/image.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/functions.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/comments.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/category.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/author.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/archive.php
http://www.example.com/learn/t/wordpress/wp-content/themes/twentyeleven/404.php
http://www.example.com/learn/t/wordpress/wp-content/plugins/hello.php
http://www.example.com/learn/t/wordpress/wp-content/plugins/akismet/widget.php
http://www.example.com/learn/t/wordpress/wp-content/plugins/akismet/legacy.php
http://www.example.com/learn/t/wordpress/wp-content/plugins/akismet/akismet.php
http://www.example.com/learn/t/wordpress/wp-content/plugins/akismet/admin.php
http://www.example.com/learn/t/wordpress/wp-admin/user/menu.php
http://www.example.com/learn/t/wordpress/wp-admin/upgrade-functions.php
http://www.example.com/learn/t/wordpress/wp-admin/options-head.php
http://www.example.com/learn/t/wordpress/wp-admin/network/menu.php
http://www.example.com/learn/t/wordpress/wp-admin/menu.php
http://www.example.com/learn/t/wordpress/wp-admin/menu-header.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/user.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/upgrade.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/update.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/update-core.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/theme-install.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/template.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/schema.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/plugin.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/plugin-install.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/nav-menu.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/ms.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/misc.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/menu.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/media.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/file.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/dashboard.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/continents-cities.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-users-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-themes-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-theme-install-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-terms-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-posts-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-plugins-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-plugin-install-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-ms-users-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-ms-themes-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-ms-sites-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-media-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-links-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-filesystem-ssh2.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-filesystem-ftpsockets.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-filesystem-ftpext.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-filesystem-direct.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-wp-comments-list-table.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-ftp-sockets.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/class-ftp-pure.php
http://www.example.com/learn/t/wordpress/wp-admin/includes/admin.php
http://www.example.com/learn/t/wordpress/wp-admin/admin-functions.php