Detections
Analytics

WordPress < 1.2.2 Multiple Vulnerabilities

low Nessus Network Monitor Plugin ID 2465

Synopsis

The remote server is hosting an outdated installation of WordPress that is vulnerable to multiple attack vectors.

Description

Versions of WordPress prior to 1.2.2 are vulnerable to various flaws that may allow an attacker to perform an HTML injection attack against the remote host or to allow an attacker to execute arbitrary SQL statements against the remote database.

Solution

Upgrade to WordPress 1.2.2 or higher.

See Also

http://www.securityfocus.com/archive/1/377770

Plugin Details

Severity: Low

ID: 2465

Family: CGI

Published: 12/16/2004

Updated: 3/6/2019

Nessus ID: 15443

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Low

Base Score: 3.7

Temporal Score: 3.6

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:wordpress:wordpress

Reference Information

CVE: CVE-2004-1584

BID: 11348, 11984, 12066