| Max CVSS | 4.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-3383 | 2.6 |
The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x before 3.4.2, when the multisite feature is enabled, does not properly assign the unfiltered_html capability, which allows remote authenticated users to bypass intended acce
|
18-09-2012 - 03:35 | 22-07-2012 - 17:55 | |
| CVE-2012-4421 | 4.0 |
The create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restrictions and publish new posts by leveraging the Con
|
17-09-2012 - 04:00 | 14-09-2012 - 19:55 |