Incorrect Default Permissions
A flaw exists in Wordpress related to the 'wp-admin/press-this.php' script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publish_posts' permission. This issue affects versions prior to 3.1.2
CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.