CVE-2012-6512 Information

Description

The Organizer plugin 1.2.1 for WordPress allows remote attackers to obtain the installation path via unspecified vectors to (1) plugin_hook.php (2) page/index.php (3) page/dir.php (4) page/options.php (5) page/resize.php (6) page/upload.php (7) page/users.php or (8) page/view.php.

Reference

http://packetstormsecurity.org/files/112086/WordPress-Organizer-1.2.1-Cross-Site-Scripting-Path-Disclosure.html http://websecurity.com.ua/5782 https://exchange.xforce.ibmcloud.com/vulnerabilities/75107