CVE-2013-2200
Description
WordPress before 3.5.2 does not properly check the capabilities of roles, which allows remote authenticated users to bypass intended restrictions on publishing and authorship reassignment via unspecified vectors.
Risk Information
Base Score
4.7
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
EPSS Score
Exploitation Probability
1.395
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update wordpress 3.5.1 to latest version | Windows |
| wordpress security update(DSA-3472-1) wordpress_4.1+dfsg-1+deb8u8_all.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234