Description
WordPress is prone to a security bypass vulnerability. Exploiting this issue could allow an attacker to perform otherwise restricted actions and subsequently read draft posts before they have been published. WordPress version 2.3.1 is vulnerable; prior versions may also be affected.
Remediation
Update to WordPress version 2.3.2 or latest
References
https://core.trac.wordpress.org/ticket/5487
http://www.securityfocus.com/archive/1/485160
Related Vulnerabilities
WordPress Plugin Media from FTP PHP Object Injection (9.79)
WordPress Plugin Analytics Stats Counter Statistics PHP Object Injection (1.2.2.5)
WordPress Plugin FooGallery Image Gallery-Responsive Photo Gallery Cross-Site Scripting (1.4.31)
WordPress Plugin Child Theme Creator by Orbisius Arbitrary File Modification (1.2.6)