Descriptionwp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Timeline for this CVECVE page created: Thu Sep 12 17:15:27 2013
CVE page last modified: Fri Oct 7 12:46:34 2022