Unrated severityNVD Advisory· Published Aug 10, 2011· Updated Jun 16, 2026
CVE-2011-3128
CVE-2011-3128
Description
WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:wordpress:wordpress:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:wordpress:wordpress:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:wordpress:wordpress:3.2:beta1:*:*:*:*:*:*
- (no CPE)range: <3.1.3, <3.2 Beta 2
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.