VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 6, 2010· Updated Apr 29, 2026

CVE-2010-4403

CVE-2010-4403

Description

The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message.

Affected products

22
  • Devbits/Register Plus22 versions
    cpe:2.3:a:devbits:register-plus:*:*:*:*:*:*:*:*+ 21 more
    • cpe:2.3:a:devbits:register-plus:*:*:*:*:*:*:*:*range: <=3.5.1
    • cpe:2.3:a:devbits:register-plus:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:3.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:devbits:register-plus:3.5:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.