0.002 Low
EPSS
Percentile
54.0%
wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read (1) draft posts or (2) private posts via a modified attachment_id parameter.
launchpad.net/bugs/cve/CVE-2011-0701
nvd.nist.gov/vuln/detail/CVE-2011-0701
security-tracker.debian.org/tracker/CVE-2011-0701
www.cve.org/CVERecord?id=CVE-2011-0701