Description
wp-admin/media-upload.php in WordPress before 3.3.3 allows remote attackers to obtain sensitive information or bypass intended media-attachment restrictions via a post_id value.
Remediation
References
Related Vulnerabilities
WordPress Plugin Members Import Cross-Site Request Forgery (1.3)
SharePoint CVE-2025-21393 Vulnerability (CVE-2025-21393)
WordPress Plugin Limit Login Attempts Reloaded Cross-Site Scripting (2.15.2)
WordPress Plugin Backup Migration Arbitrary File Download (1.3.6)
Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29718)