Description
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Salon booking system Cross-Site Request Forgery (3.13.1)
Microsoft SQL Server Other Vulnerability (CVE-2000-1081)
WordPress Plugin MAZ Loader-Preloader Builder for WordPress Cross-Site Request Forgery (1.4.0)
MediaWiki Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4302)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2190)