PRIOn knowledge basePRION:CVE-2011-3128

HistoryAug 10, 2011 - 9:55 p.m.

Code injection

2011-08-1021:55:00

PRIOn knowledge base

www.prio-n.com

AI Score

6.8

Confidence

Low

EPSS

0.006

Percentile

77.8%

JSON

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php.

References

core.trac.wordpress.org/changeset/18023/branches/3.1

secunia.com/advisories/49138

wordpress.org/news/2011/05/wordpress-3-1-3/

www.debian.org/security/2012/dsa-2470

www.securityfocus.com/bid/47995

exchange.xforce.ibmcloud.com/vulnerabilities/69171