ID de Prueba:	1.3.6.1.4.1.25623.1.0.803077
Categoría:	Web application abuses
Título:	WordPress Portable phpMyAdmin Plugin 'wp-pma-mod' Security Bypass Vulnerability
Resumen:	WordPress Portable phpMyAdmin Plugin is prone to a security bypass vulnerability.
Descripción:	Summary: WordPress Portable phpMyAdmin Plugin is prone to a security bypass vulnerability. Vulnerability Insight: The plugin fails to verify an existing WordPress session when accessing the plugin file path directly. An attacker can get a full phpMyAdmin console with the privilege level of the MySQL configuration of WordPress by accessing 'wp-content/plugins/portable-phpmyadmin/wp-pma-mod'. Vulnerability Impact: Successful exploitation will allow remote attackers to gain sensitive information. Affected Software/OS: WordPress Portable phpMyAdmin plugin version 1.3.0 Solution: Update to the WordPress Portable phpMyAdmin Plugin 1.3.1 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-5469 Bugtraq: 20121212 'portable-phpMyAdmin (WordPress Plugin)' Authentication Bypass (CVE-2012-5469) (Google Search) http://archives.neohapsis.com/archives/bugtraq/2012-12/0092.html http://wordpress.org/extend/plugins/portable-phpmyadmin/changelog/
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.