Description
The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a crafted URL, related to an "unpublishing bypass" issue.
Remediation
References
Related Vulnerabilities
WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress Remote Code Execution (1.3.4)
MySQL CVE-2020-14846 Vulnerability (CVE-2020-14846)
WordPress Plugin All-in-One Video Gallery Multiple Vulnerabilities (2.6.0)
MySQL CVE-2014-2442 Vulnerability (CVE-2014-2442)
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Cross-Site Scripting (3.9.1)