CVE-2008-4769

WordPress < 2.3.3 - Path Traversal via Cat Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-4769. PoCs published by Gerendi Sandor Attila.

AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in WordPress 2.3.3 by manipulating the 'cat' parameter to access sensitive files. The PoC URL shows how an attacker can traverse directories to potentially access arbitrary files.

Description

Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gerendi Sandor Attila · textwebappsphp

https://www.exploit-db.com/exploits/31670

View Code ZIP pw:eip

This exploit demonstrates a directory traversal vulnerability in WordPress 2.3.3 by manipulating the 'cat' parameter to access sensitive files. The PoC URL shows how an attacker can traverse directories to potentially access arbitrary files.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: WordPress 2.3.3

No auth needed

Prerequisites: A vulnerable WordPress installation with exposed query parameters

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/41920

Product x_refsource_misc

http://trac.wordpress.org/changeset/7586

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/28845

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2009/dsa-1871

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/29949

Various Sources x_refsource_misc

http://www.juniper.fi/security/auto/vulnerabilities/vuln28845.html

Scores

EPSS 0.0897

EPSS Percentile 94.6%

Details

CWE

CWE-22

Status published

Products (43)

wordpress/wordpress 0.6.2 (2 CPE variants)

wordpress/wordpress 0.6.2.1 (2 CPE variants)

wordpress/wordpress 0.7

wordpress/wordpress 0.71

wordpress/wordpress 0.71-gold

wordpress/wordpress 0.72 (4 CPE variants)

wordpress/wordpress 0.711

wordpress/wordpress 1.0

wordpress/wordpress 1.0-platinum

wordpress/wordpress 1.0.1

... and 33 more

Published Oct 28, 2008

Tracked Since Feb 18, 2026