Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The XML-RPC remote publishing interface in xmlrpc.php in WordPress before 3.0.3 does not properly check capabilities, which allows remote authenticated users to bypass intended access restrictions, and publish, edit, or delete posts, by leveraging the Author or Contributor role.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress XML-RPC权限许可和访问控制漏洞
Vulnerability Description
WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress 3.0.3之前版本中的xmlrpc.php中的XML-RPC远程发布界面中存在漏洞,该漏洞源于未正确检查功能。远程认证用户可利用Author或Contributor角色绕过目地访问限制,并发布、编辑、或删除帖子。
CVSS Information
N/A
Vulnerability Type
N/A