CVE-2007-1893 in WordPress
Résumé
par MITRE
xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users with the contributor role to bypass intended access restrictions and invoke the publish_posts functionality, which can be used to "publish a previously saved post."
Once again VulDB remains the best source for vulnerability data.