Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2010-5296

Опубликовано: 21 янв. 2014
Источник: debian
EPSS Низкий

Описание

wp-includes/capabilities.php in WordPress before 3.0.2, when a Multisite configuration is used, does not require the Super Admin role for the delete_users capability, which allows remote authenticated administrators to bypass intended access restrictions via a delete action.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
wordpressfixed3.0.2-1package

EPSS

Процентиль: 53%
0.00297
Низкий

Связанные уязвимости

ubuntu
больше 11 лет назад

wp-includes/capabilities.php in WordPress before 3.0.2, when a Multisite configuration is used, does not require the Super Admin role for the delete_users capability, which allows remote authenticated administrators to bypass intended access restrictions via a delete action.

nvd
больше 11 лет назад

wp-includes/capabilities.php in WordPress before 3.0.2, when a Multisite configuration is used, does not require the Super Admin role for the delete_users capability, which allows remote authenticated administrators to bypass intended access restrictions via a delete action.

github
около 3 лет назад

wp-includes/capabilities.php in WordPress before 3.0.2, when a Multisite configuration is used, does not require the Super Admin role for the delete_users capability, which allows remote authenticated administrators to bypass intended access restrictions via a delete action.

EPSS

Процентиль: 53%
0.00297
Низкий