Candidate: CVE-2010-5106
PublicDate: 2012-09-14 19:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5106
 http://openwall.com/lists/oss-security/2012/09/14/10
 http://core.trac.wordpress.org/changeset/16803
 http://codex.wordpress.org/Version_3.0.3
Description:
 The XML-RPC remote publishing interface in xmlrpc.php in WordPress before
 3.0.3 does not properly check capabilities, which allows remote
 authenticated users to bypass intended access restrictions, and publish,
 edit, or delete posts, by leveraging the Author or Contributor role.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_wordpress:
upstream_wordpress: released (3.0.3)
hardy_wordpress: ignored (reached end-of-life)
lucid_wordpress: ignored (reached end-of-life)
natty_wordpress: not-affected (3.0.5+dfsg-1ubuntu1)
oneiric_wordpress: not-affected
precise_wordpress: not-affected
quantal_wordpress: not-affected
raring_wordpress: not-affected
saucy_wordpress: not-affected
devel_wordpress: not-affected