Описание
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-20152
- https://codex.wordpress.org/Version_4.9.9
- https://lists.debian.org/debian-lts-announce/2019/02/msg00019.html
- https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release
- https://wordpress.org/support/wordpress-version/version-5-0-1
- https://wpvulndb.com/vulnerabilities/9170
- https://www.debian.org/security/2019/dsa-4401
- https://www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords
- http://www.securityfocus.com/bid/106220
Связанные уязвимости
CVSS3: 6.5
ubuntu
больше 6 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
CVSS3: 6.5
nvd
больше 6 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
CVSS3: 6.5
debian
больше 6 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass i ...