Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2012-0937

Published

11 years ago

Last Modified

11 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time..

CVSSv2.0 Score

Severity: Medium
Base Score: 5/10
Exploit Score: 10/10
Access Vector: Network
Access Complexity: Low
Authentication Required: None
Impact Score: 2.9/10
Confidentiality Impact: None
Availability Impact: Partial
Integrity Impact: None

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:wordpress:wordpress:3.0.5:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0.11:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.8.6:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.1.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.2.3:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0.6:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.8.4:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0.4:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.0.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.2.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:0.711:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.1.4:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:1.2.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:0.7:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.1.3:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.0:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.8:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0.7:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.1.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.0.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.7.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:0.71:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.6.3:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0.5:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.8.3:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.6.5:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.1.3:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.2.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.3.3:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0.9:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.8.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.2.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.7:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:1.5.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress::::::::	Yes	-	-
cpe:2.3:a:wordpress:wordpress:1.0.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:0.72:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.0.4:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.6.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.9:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.3.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:1.0.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.5.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0.3:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.6.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:1.5.1.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.1.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:1.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.0.6:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.9.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.5:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.1.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:1.2.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0.10:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.9.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:1.0:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.3:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:1.5:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.8.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:1.5.1:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:3.0.3:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:1.5.1.3:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.3.2:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.6:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.8.5:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.0.8:::::::*	Yes	-	-
cpe:2.3:a:wordpress:wordpress:2.3:::::::*	Yes	-	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2012-0937

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

CVSSv2.0 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2012-0937

CVE information

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

Products Affected

References