NVD

Id
54063  
Name
CVE-2007-1893  
Description
xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users with the contributor role to bypass intended access restrictions and invoke the publish_posts functionality, which can be used to "publish a previously saved post."  
Reject
 
CVSS Version
2  
CVSS Score
4.9  
Severity
Medium  
CVSS Base Score
4.9  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
4.4  
CVSS Vector
(AV:A/AC:M/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-04-09  
Modified Date
2011-03-09  
Seq
2007-1893  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
274224 54063 CVE-2007-1893 http://trac.wordpress.org/ticket/4091  View
274225 54063 CVE-2007-1893 DSA-1285  View
274226 54063 CVE-2007-1893 http://www.notsosecure.com/folder2/2007/04/03/wordpress-212-xmlrpc-security-issues/  View
274227 54063 CVE-2007-1893 ADV-2007-1245  View
274228 54063 CVE-2007-1893 wordpress-xmlrpc-security-bypass(33470)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
56662 JVNDB-2007-005354 WordPress の xmlrpc におけるアクセス制限を回避される脆弱性 WordPress の xmlrpc (xmlrpc.php) には、アクセス制限を回避される、および publish_posts 機能を呼び出される脆弱性が存在します。 CVE-2007-1893 25248 CVE-2007-1893 54063 4.9 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005354.html 2007-04-09 2012-12-20 View