CVE-2012-5469

EXPLOITED

Portable phpMyAdmin <1.3.1 - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2012-5469 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Mark Stanislav.

AI-analyzed exploit summary This is a writeup describing an authentication bypass vulnerability in the portable-phpMyAdmin WordPress plugin. The exploit involves directly accessing a plugin file path to gain unauthorized access to the phpMyAdmin interface without credentials.

Description

The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Mark Stanislav · textwebappsphp
https://www.exploit-db.com/exploits/23356

This is a writeup describing an authentication bypass vulnerability in the portable-phpMyAdmin WordPress plugin. The exploit involves directly accessing a plugin file path to gain unauthorized access to the phpMyAdmin interface without credentials.

Classification
Writeup 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: portable-phpMyAdmin WordPress Plugin 1.3.0
No auth needed
Prerequisites: Direct access to the plugin file path
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

EPSS 0.0183
EPSS Percentile 83.4%

Details

VulnCheck KEV 2022-05-11
CWE
CWE-264
Status published
Products (26)
phpmyadmin/phpmyadmin 1.0.0
phpmyadmin/phpmyadmin 1.0.1
phpmyadmin/phpmyadmin 1.0.2
phpmyadmin/phpmyadmin 1.0.3
phpmyadmin/phpmyadmin 1.0.4
phpmyadmin/phpmyadmin 1.0.5
phpmyadmin/phpmyadmin 1.0.6 (2 CPE variants)
phpmyadmin/phpmyadmin 1.0.7
phpmyadmin/phpmyadmin 1.0.8
phpmyadmin/phpmyadmin 1.1
... and 16 more
Published Dec 20, 2012
Tracked Since Feb 18, 2026