A flaw in WordPress has been exposed that means media files uploaded to the popular blogging site may not be protected in the same way that text is.
The flaw lays in the way that WordPress assigns URLs to images, video and other media files. The result is that these types of files, uploaded to the sites media library function, could be accessed prior to publication. The timing between the post and the upload of the media is not synced and therefore a file could be accessible before the specified date or time.
The severity of the flaw is low as it does not allow access to any internal networks or systems. It could however be damaging to businesses who draft announcements to be made at certain times, in which any supporting media could potentially be leaked early.