Описание
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-20152
- https://codex.wordpress.org/Version_4.9.9
- https://lists.debian.org/debian-lts-announce/2019/02/msg00019.html
- https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release
- https://wordpress.org/support/wordpress-version/version-5-0-1
- https://wpvulndb.com/vulnerabilities/9170
- https://www.debian.org/security/2019/dsa-4401
- https://www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords
- http://www.securityfocus.com/bid/106220
Связанные уязвимости
CVSS3: 6.5
ubuntu
почти 7 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
CVSS3: 6.5
nvd
почти 7 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
CVSS3: 6.5
debian
почти 7 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass i ...