Unrated severityNVD Advisory· Published Jul 27, 2009· Updated Jun 16, 2026

CVE-2009-2602

Description

R2 Newsletter Lite, Pro, and Stats stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for admin.mdb.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

WordPress/R2 Newsletterinferred
Package: https://wordpress.org/plugins/r2-newsletter

Patches

Vulnerability mechanics

References

secunia.com/advisories/35312nvdVendor Advisory
www.exploit-db.com/exploits/8849nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000