CVE-2010-4403

Publication date 6 December 2010

Last updated 24 July 2024

Ubuntu priority

The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
wordpress	10.10 maverick	Not affected
	10.04 LTS lucid	Not affected
	9.10 karmic	Not affected
	8.04 LTS hardy	Not affected
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

code not present: wp-content/plugins/register-plus/register-plus.php

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2010-4403