WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Vulnerabilities

WordPress <= 5.2.3 - Unauthenticated View Private/Draft Posts

Description

This vulnerability could allow an unauthenticated user to view private or draft posts due to an issue within WP_Query.

Proof of Concept

http://wordpress.local/?static=1&order=asc

Affects WordPress

3.8.1
Fixed in version 3.8.31
3.8
Fixed in version 3.8.31
3.7.1
Fixed in version 3.7.31
3.9
Fixed in version 3.9.29
3.9.1
Fixed in version 3.9.29
3.7
Fixed in version 3.7.31
3.8.2
Fixed in version 3.8.31
3.8.3
Fixed in version 3.8.31
3.9.2
Fixed in version 3.9.29
4.0
Fixed in version 4.0.28

References

CVE
CVE-2019-17671
URL
https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
URL
https://blog.wpscan.com/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
URL
https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308
URL
https://0day.work/proof-of-concept-for-wordpress-5-2-3-viewing-unauthenticated-posts/

Classification

Type

BYPASS

Miscellaneous

Original Researcher

J.D. Grimes

Verified

No

WPVDB ID
3413b879-785f-4c9f-aa8a-5a4a1d5e0ba2

Timeline

Publicly Published

2019-10-14 (about 3 years ago)

Added

2019-10-15 (about 3 years ago)

Last Updated

2020-09-22 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin