Description
WordPress is prone to an unauthorized access vulnerability. Attackers can exploit this issue to edit other users' posts. Successfully exploiting this issue may lead to other attacks. WordPress versions prior to 2.3.3 are vulnerable.
Remediation
Update to WordPress version 2.3.3 or latest
References
http://www.village-idiot.org/archives/2008/02/02/wordpress-232-exploit-confirmed/
http://www.securiteam.com/unixfocus/5HP010KNFK.html
Related Vulnerabilities
WordPress Plugin 360 Product Rotation Cross-Site Scripting (1.4.7)
Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3923)
WordPress Plugin WooCommerce Customers Manager Multiple Vulnerabilities (26.5)
WebLogic CVE-2023-22069 Vulnerability (CVE-2023-22069)
WordPress Plugin Contact Form Email Multiple Vulnerabilities (1.2.65)