What the vulnerability does

01Description

A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publish_posts' permission.

Key dates

02Disclosure timeline

April 18, 2022 CVE published
August 6, 2024 Record updated