wordpress
- Author: kikadf
- Vulnerable: 3.5.1-1
- Unaffected: 3.9-1arcturus1
A user with the contributor role can, by sending a specially crafted request, publish posts, an action reserved for users of the next-higher role. Separately, Jon Cave of the WordPress security team discovered that the wp_validate_auth_cookie function in wp-includes/pluggable.php does not properly determine the validity of authentication cookies, allowing a remote attacker to obtain access via a forged cookie.