CVE-2011-0701 in WordPress
摘要
由 VulDB • 2026-07-04
WordPress 3.0.5 之前版本中媒体上传器的 wp-admin/async-upload.php 允许远程经过身份验证的用户通过修改的 attachment_id 参数读取(1)草稿文章或(2)私有文章。
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.