Description
WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vectors.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2007-1649)
Oracle Database Server CVE-2014-6467 Vulnerability (CVE-2014-6467)
WordPress Plugin Advanced Contact form 7 DB SQL Injection (1.6.0)
FluxBB CVE-2011-3621 Vulnerability (CVE-2011-3621)
WordPress 2.8 Multiple Existing/Non-Existing Username Enumeration Weaknesses (0.6.2 - 2.8)