CVE-2010-5106
Publication date 14 September 2012
Last updated 24 July 2024
Ubuntu priority
The XML-RPC remote publishing interface in xmlrpc.php in WordPress before 3.0.3 does not properly check capabilities, which allows remote authenticated users to bypass intended access restrictions, and publish, edit, or delete posts, by leveraging the Author or Contributor role.
Status
Package | Ubuntu Release | Status |
---|---|---|
wordpress | 13.10 saucy |
Not affected
|
13.04 raring |
Not affected
|
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
11.10 oneiric |
Not affected
|
|
11.04 natty |
Not affected
|
|
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Ignored end of life |