Description
WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vectors.
Remediation
References
Related Vulnerabilities
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25689)
Oracle JRE CVE-2023-21938 Vulnerability (CVE-2023-21938)
WordPress Plugin Migration, Backup, Staging-WPvivid Directory Traversal (0.9.75)
WordPress Plugin WP DSGVO Tools (GDPR) Cross-Site Request Forgery (2.2.18)
WordPress Plugin Form Store to DB Unspecified Vulnerability (1.1.0)