Description
WordPress is prone to a security bypass vulnerability. Exploiting this issue could allow an attacker to perform otherwise restricted actions and subsequently read draft posts before they have been published. WordPress version 2.3.1 is vulnerable; prior versions may also be affected.
Remediation
Update to WordPress version 2.3.2 or the latest version.
References
https://core.trac.wordpress.org/ticket/5487
http://www.securityfocus.com/archive/1/485160