wordpress
Page content
- Author: Miklos Vajna
- Vulnerable: 2.9.1-1
- Unaffected: 2.9.2-1locris1
A vulnerability has been discovered in WordPress, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to WordPress not properly restricting access to trashed posts, which can be exploited to e.g. view a trashed post by accessing it’s page directly. Successful exploitation requires a valid user account.
- Bug Tracker URL: http://bugs.frugalware.org/task/4131