CVE-2011-5270

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2011-5270

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2011-5270.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2011-5270

Downstream

DEBIAN-CVE-2011-5270

Published

2014-01-21T01:55:03Z

Modified

2026-04-10T03:44:10.666653Z

Summary

[none]

Details

wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the publish_posts capability requirement, which allows remote authenticated users to perform publish actions by leveraging the Contributor role.

References

http://codex.wordpress.org/Version_3.0.6
https://core.trac.wordpress.org/changeset/17710
https://core.trac.wordpress.org/changeset/17710

CVE-2011-5270

Affected packages