Описание
WordPress before 3.5.2 does not properly check the capabilities of roles, which allows remote authenticated users to bypass intended restrictions on publishing and authorship reassignment via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.5.2+dfsg-1 |
| esm-apps/xenial | not-affected | 3.5.2+dfsg-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [3.5.2+dfsg-1]] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needs-triage |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | not-affected | 3.5.2+dfsg-1 |
| trusty | not-affected | 3.5.2+dfsg-1 |
Показывать по
EPSS
4 Medium
CVSS2
Связанные уязвимости
WordPress before 3.5.2 does not properly check the capabilities of roles, which allows remote authenticated users to bypass intended restrictions on publishing and authorship reassignment via unspecified vectors.
WordPress before 3.5.2 does not properly check the capabilities of rol ...
WordPress before 3.5.2 does not properly check the capabilities of roles, which allows remote authenticated users to bypass intended restrictions on publishing and authorship reassignment via unspecified vectors.
EPSS
4 Medium
CVSS2