Description
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files.
Remediation
References
Related Vulnerabilities
phpBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1627)
Jenkins DEPRECATED: Code Vulnerability (CVE-2016-3721)
Oracle Database Server CVE-2015-4753 Vulnerability (CVE-2015-4753)
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.30)
WordPress Plugin WF Cookie Consent Cross-Site Scripting (1.1.3)