|
|
CVE Reference: CVE-2007-1893 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-1893 |
|
|
Description: xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users with the contributor role to bypass intended access restrictions and invoke the publish_posts functionality, which can be used to "publish a previously saved post." |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/33470 SAID Secunia Advisory: SA24751 Secunia Advisory: SA25108 MISC http://www.notsosecure.com/folder2/2007/04/03/wordpress-212-xmlrpc-security-issues/ DEBIAN http://www.debian.org/security/2007/dsa-1285 CONFIRM http://trac.wordpress.org/ticket/4091 |
|
| Return to the previous page. |
