CVE-2012-6635
EPSS 0.69%Published: 1/21/2014Modified: 5/27/2026
Description
wp-admin/includes/class-wp-posts-list-table.php in WordPress before 3.3.3 does not properly restrict excerpt-view access, which allows remote authenticated users to obtain sensitive information by visiting a draft.
Affected packages (1)
- Debian/wordpressfrom 0, < 3.4+dfsg-1