CVE-2009-2854

Name of the Vulnerable Software and Affected Versions Wordpress versions prior to 2.8.3

Description The issue allows remote attackers to make unauthorized edits or additions by sending a direct request to certain API endpoints, including "edit-comments.php", "edit-pages.php", "edit.php", "edit-category-form.php", "edit-link-category-form.php", "edit-tag-form.php", "export.php", "import.php", or "link-add.php" in the wp-admin directory.

Recommendations For Wordpress versions prior to 2.8.3, update to version 2.8.3 or later to resolve the issue.