Description
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin FeedWordPress Multiple Vulnerabilities (2015.0426)
WordPress Plugin Imagements Arbitrary File Upload (1.2.5)
WordPress Plugin WP Database Reset Multiple Security Bypass Vulnerabilities (3.1)
Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.2)
WordPress Plugin Advanced Page Manager Cross-Site Scripting (1.4.1)