CVE-2009-2336

WordPress and WordPress MU < 2.8.1 - Username Enumeration via Forgotten Mail Interface


Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2336. PoCs published by Core Security.

AI-analyzed exploit summary: This advisory details multiple vulnerabilities in WordPress, including privilege escalation via unchecked access to plugin configuration pages and information disclosure. It provides technical analysis of the root cause and proof-of-concept URLs demonstrating the flaws.

Description

The forgotten mail interface in WordPress and WordPress MU before 2.8.1 exhibits different behavior for a password request depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue, indicating that the behavior exists for "user convenience."

Exploits (1)

exploitdb · writeup · verified
by Core Security · text · webapps · php
https://www.exploit-db.com/exploits/9110


Classification
Writeup 100%
Attack Type
Auth Bypass | Info Leak | XSS
Complexity
Moderate
Reliability
Reliable
Target: WordPress 2.8 and previous, WordPress MU 2.7.1 and previous
Auth required
Prerequisites: Access to a WordPress instance with vulnerable version · Subscriber-level account or higher
devstral-2 · analyzed Feb 18, 2026

References (11)

Core References
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00608.html
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00676.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504795/100/0/threaded
Patch, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1022528
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00632.html
Patch, Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1833
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00597.html
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/9110
Broken Link, Patch vdb-entry x_refsource_osvdb
http://www.osvdb.org/55714
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/35581

Scores

EPSS 0.0541
EPSS Percentile 91.6%

Details

CWE
CWE-16 (Configuration)
Status published
Products (2)
wordpress/wordpress < 2.8.1
wordpress/wordpress_mu < 2.8.1
Published Jul 10, 2009
Tracked Since Feb 18, 2026