Описание
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:wordpress:wordpress:2.9:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.9.1:beta1:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.9.1:rc1:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.22897
Средний
4 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
больше 15 лет назад
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.
debian
больше 15 лет назад
WordPress 2.9 before 2.9.2 allows remote authenticated users to read t ...
github
больше 3 лет назад
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.
EPSS
Процентиль: 96%
0.22897
Средний
4 Medium
CVSS2
Дефекты
CWE-264