Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-5270HistoryOct 03, 2022 - 4:15 p.m.
CVE-2011-5270
2022-10-0316:15:12
Debian Security Bug Tracker
security-tracker.debian.org
11
wordpress
press-this.php
cve-2011-5270
publish_posts
contributor role
security vulnerability
unix
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
40.8%
wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the publish_posts capability requirement, which allows remote authenticated users to perform publish actions by leveraging the Contributor role.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | < 3.2.1+dfsg-1 | wordpress_3.2.1+dfsg-1_all.deb |
| Debian | 11 | all | wordpress | < 3.2.1+dfsg-1 | wordpress_3.2.1+dfsg-1_all.deb |
| Debian | 999 | all | wordpress | < 3.2.1+dfsg-1 | wordpress_3.2.1+dfsg-1_all.deb |
| Debian | 13 | all | wordpress | < 3.2.1+dfsg-1 | wordpress_3.2.1+dfsg-1_all.deb |
Related
cve
cve
CVE-2011-5270
2022-10-03 16:15:12
wpvulndb
wpvulndb
WordPress <= 3.0.5 wp-admin/press-this.php Privilege Escalation
2014-08-01 10:58:23
nvd
nvd
CVE-2011-5270
2014-01-21 01:55:03
ubuntucve
ubuntucve
CVE-2011-5270
2014-01-21 00:00:00
patchstack
patchstack
WordPress <= 3.0.5
2014-01-20 00:00:00
prion
prion
Authentication flaw
2014-01-21 01:55:00
cvelist
cvelist
CVE-2011-5270
2022-10-03 16:15:12
nessus
nessus
WordPress 'press-this.php' Security Bypass
2014-03-12 00:00:00
WordPress 3.1.x < 3.1.2 / 3.0.x < 3.0.6 Multiple Vulnerabilities
2016-02-26 00:00:00
openvas
openvas
WordPress < 3.0.6 Access Restriction Bypass Vulnerability
2022-12-08 00:00:00
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
40.8%
Related for DEBIANCVE:CVE-2011-5270