WordPress 2.9 - Failure to Restrict URL Access



Description
When WordPress implemented the new Trash feature they failed to change the permissions granted when the post is in the trash. This means that an unauthenticated user cannot see the post, however an authenticated user can, no matter what privileges they have, even ‘subscriber’.

See ExploitDB for PoC

Affects WordPress

fixed in version 2.9.2

References

CVE 2010-0682
EXPLOITDB 11441
URL https://blog.dewhurstsecurity.com/2010/02/13/wordpress-2-9-failure-to-restrict-url-access.html

Classification

Type AUTHBYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
CWE CWE-287

Miscellaneous

Views 4230
Verified Yes
WPVDB ID 6015

Timeline

Publicly Published 2014-08-01 (over 5 years ago)
Added 2014-08-01 (over 5 years ago)
Last Updated 2019-10-21 (about 2 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin