CVE-2013-4340

Опубликовано: 12 сент. 2013

Источник: debian

Описание

wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
wordpress	fixed	3.6.1+dfsg-1		package

Примечания

http://core.trac.wordpress.org/changeset/25321

Связанные уязвимости

CVE-2013-4340

ubuntu

около 12 лет назад

wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.

CVE-2013-4340

nvd

около 12 лет назад

wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.

GHSA-4rqg-qrg6-vxj8

github

больше 3 лет назад

wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.