Description
wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read (1) draft posts or (2) private posts via a modified attachment_id parameter.
Remediation
References