CVE-2010-0682
WordPress 2.9 - Authenticated Information Disclosure via Trash Post Access
Exploitation Summary
EIP tracks 1 public exploit for CVE-2010-0682. PoCs published by tmacuk.
AI-analyzed exploit summary: This PoC exploits a failure to restrict URL access in WordPress >= 2.9, allowing authenticated users with minimal privileges (e.g., 'subscriber') to access trashed posts. The script iterates through post IDs, comparing responses between authenticated and unauthenticated requests to identify trashed posts.
Description
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.