5 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-20043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a...
CVE-2019-16788
This CVE entry is rejected/not used; reference CVE-2019-20043 instead.
[SECURITY] [DSA 4599-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4599-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 08, 2020 https://www.debian.org/security/faq -...
CVE-2019-20043
In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this...
CVE-2019-20043
In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this...