WordPress is prone to an unauthorized access vulnerability. Attackers can exploit this issue to edit other users' posts. Successfully exploiting this issue may lead to other attacks. WordPress versions prior to 2.3.3 are vulnerable.
Update to WordPress version 2.3.3 or latest
WordPress Plugin Smart Marketing SMS and Newsletters Forms Cross-Site Scripting (1.1.1)
WordPress Plugin Timber Cross-Site Scripting (1.2.2)
WordPress Plugin PollDeep Arbitrary File Upload (1.2)
WordPress Plugin Terillion Reviews Profile Id Cross-Site Scripting (1.1)