Package(s):	wordpress	CVE #(s):	CVE-2008-4769
Created:	August 27, 2009	Updated:	September 2, 2009
Description:	From the National Vulnerability Database entry: "Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from third party information."
Alerts:	Debian DSA-1871-2 wordpress 2009-08-27

---

to post comments