Описание
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This affected WordPress 5.8 beta during the testing period. It's fixed in the final 5.8 release.
Ссылки
- Third Party Advisory
- Permissions Required
- Third Party Advisory
- Permissions Required
Уязвимые конфигурации
EPSS
6.8 Medium
CVSS3
6.5 Medium
CVSS3
6 Medium
CVSS2
Дефекты
Связанные уязвимости
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This affected WordPress 5.8 beta during the testing period. It's fixed in the final 5.8 release.
WordPress is a free and open-source content management system written ...
Уязвимость системы управления содержимым сайта WordPress, связанная с ошибками авторизации, позволяющая нарушителю обойти существующие ограничения
EPSS
6.8 Medium
CVSS3
6.5 Medium
CVSS3
6 Medium
CVSS2