CVE-2012-6635

Publication date

2014-01-21 01:00:00

Family

mitre

State

PUBLISHED

Description

wp-admin/includes/class-wp-posts-list-table.php in WordPress before 3.3.3 does not properly restrict excerpt-view access, which allows remote authenticated users to obtain sensitive information by visiting a draft.