CVE-2012-3385 vulnerabilities and exploits

(subscribe to this query)

WordPress prior to 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vectors.

Wordpress Wordpress Wordpress Wordpress 0.71 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.1.1 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.2.3 Wordpress Wordpress 1.2.4 Wordpress Wordpress 1.2.5

Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress prior to 3.4.1 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.

Wordpress Wordpress Wordpress Wordpress 0.71 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.1.1 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.2.3 Wordpress Wordpress 1.2.4 Wordpress Wordpress 1.2.5

The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x prior to 3.4.2, when the multisite feature is enabled, does not properly assign the unfiltered_html capability, which allows remote authenticated users to bypass intended access restrictions and conduct ...

Wordpress Wordpress 3.4.0

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook