Lucene search
HistoryJul 22, 2012 - 5:55 p.m.
CVE-2012-3385
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
56.7%
WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vectors.
Affected configurations
Node
wordpresswordpressRange≤3.4.0
ORwordpresswordpressMatch0.71
ORwordpresswordpressMatch1.0
ORwordpresswordpressMatch1.0.1
ORwordpresswordpressMatch1.0.2
ORwordpresswordpressMatch1.1.1
ORwordpresswordpressMatch1.2
ORwordpresswordpressMatch1.2.1
ORwordpresswordpressMatch1.2.2
ORwordpresswordpressMatch1.2.3
ORwordpresswordpressMatch1.2.4
ORwordpresswordpressMatch1.2.5
ORwordpresswordpressMatch1.2.5a
ORwordpresswordpressMatch1.3
ORwordpresswordpressMatch1.3.2
ORwordpresswordpressMatch1.3.3
ORwordpresswordpressMatch1.5
ORwordpresswordpressMatch1.5.1
ORwordpresswordpressMatch1.5.1.1
ORwordpresswordpressMatch1.5.1.2
ORwordpresswordpressMatch1.5.1.3
ORwordpresswordpressMatch1.5.2
ORwordpresswordpressMatch2.0
ORwordpresswordpressMatch2.0.1
ORwordpresswordpressMatch2.0.2
ORwordpresswordpressMatch2.0.4
ORwordpresswordpressMatch2.0.5
ORwordpresswordpressMatch2.0.6
ORwordpresswordpressMatch2.0.7
ORwordpresswordpressMatch2.0.8
ORwordpresswordpressMatch2.0.9
ORwordpresswordpressMatch2.0.10
ORwordpresswordpressMatch2.0.11
ORwordpresswordpressMatch2.1
ORwordpresswordpressMatch2.1.1
ORwordpresswordpressMatch2.1.2
ORwordpresswordpressMatch2.1.3
ORwordpresswordpressMatch2.2
ORwordpresswordpressMatch2.2.1
ORwordpresswordpressMatch2.2.2
ORwordpresswordpressMatch2.2.3
ORwordpresswordpressMatch2.3
ORwordpresswordpressMatch2.3.1
ORwordpresswordpressMatch2.3.2
ORwordpresswordpressMatch2.3.3
ORwordpresswordpressMatch2.5
ORwordpresswordpressMatch2.5.1
ORwordpresswordpressMatch2.6
ORwordpresswordpressMatch2.6.1
ORwordpresswordpressMatch2.6.2
ORwordpresswordpressMatch2.6.3
ORwordpresswordpressMatch2.6.5
ORwordpresswordpressMatch2.7
ORwordpresswordpressMatch2.7.1
ORwordpresswordpressMatch2.8
ORwordpresswordpressMatch2.8.1
ORwordpresswordpressMatch2.8.2
ORwordpresswordpressMatch2.8.3
ORwordpresswordpressMatch2.8.4
ORwordpresswordpressMatch2.8.4a
ORwordpresswordpressMatch2.8.5
ORwordpresswordpressMatch2.8.5.1
ORwordpresswordpressMatch2.8.5.2
ORwordpresswordpressMatch2.8.6
ORwordpresswordpressMatch2.9
ORwordpresswordpressMatch2.9.1
ORwordpresswordpressMatch2.9.1.1
ORwordpresswordpressMatch2.9.2
ORwordpresswordpressMatch3.0
ORwordpresswordpressMatch3.0.1
ORwordpresswordpressMatch3.0.2
ORwordpresswordpressMatch3.0.3
ORwordpresswordpressMatch3.0.4
ORwordpresswordpressMatch3.0.5
ORwordpresswordpressMatch3.0.6
ORwordpresswordpressMatch3.1
ORwordpresswordpressMatch3.1.1
ORwordpresswordpressMatch3.1.2
ORwordpresswordpressMatch3.1.3
ORwordpresswordpressMatch3.1.4
ORwordpresswordpressMatch3.2
ORwordpresswordpressMatch3.2.1
ORwordpresswordpressMatch3.3
ORwordpresswordpressMatch3.3.2
ORwordpresswordpressMatch3.3.3
Related
cve
cve
CVE-2012-3385
2012-07-22 17:55:03
ubuntucve
ubuntucve
CVE-2012-3385
2012-07-22 00:00:00
cvelist
cvelist
CVE-2012-3385
2012-07-22 17:00:00
patchstack
patchstack
WordPress <= 3.4.0 - Multiple Vulnerabilities
2012-06-14 00:00:00
prion
prion
Design/Logic Flaw
2012-07-22 17:55:00
debiancve
debiancve
CVE-2012-3385
2012-07-22 17:55:03
openvas
openvas
WordPress < 3.4.1 Multiple Vulnerabilities
2022-12-08 00:00:00
nessus
nessus
WordPress < 3.4.1 Multiple Vulnerabilities
2012-07-23 00:00:00
WordPress < 3.4.1 Multiple Vulnerabilities
2016-02-26 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
56.7%
Related for NVD:CVE-2012-3385