Description

WordPress is prone to a security bypass vulnerability because it fails to properly restrict access to trashed posts. An attacker can exploit this vulnerability to perform otherwise restricted actions and subsequently view other authors' trashed posts, which may aid in launching further attacks. WordPress versions 2.9 and 2.9.1 are vulnerable.

Remediation

Update to WordPress version 2.9.2 or latest

References

http://www.securityfocus.com/bid/38368/exploit

http://www.exploit-db.com/exploits/11441/

http://packetstormsecurity.org/files/view/86274/wpurl-bypass.txt

http://secunia.com/advisories/38592/

https://wordpress.org/news/2010/02/wordpress-2-9-2/

Related Vulnerabilities

WordPress Plugin Default Facebook Thumbnails Multiple Vulnerabilities (0.4)

MediaWiki Other Vulnerability (CVE-2013-4570)

MySQL CVE-2021-35643 Vulnerability (CVE-2021-35643)

WordPress Plugin Social Sharing Toolkit Cross-Site Scripting (2.6)

WordPress 5.4.x PHP Object Injection (5.4 - 5.4.5)

Severity

High

Classification

CVE-2010-0682 CWE-264 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Authentication Bypass