Description
WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php.
Remediation
References
Related Vulnerabilities
concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24986)
Oracle Database Server CVE-2010-0851 Vulnerability (CVE-2010-0851)
Oracle Database Server CVE-2015-4923 Vulnerability (CVE-2015-4923)
Apache Tomcat Other Vulnerability (CVE-2000-1210)
Apache HTTP Server CVE-2002-0392 Vulnerability (CVE-2002-0392)