This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
WordPress versions 4.7.4 and earlier are affected by six security
- Insufficient redirect validation in the HTTP class.
- Improper handling of post meta data values in the XML-RPC API.
- Lack of capability checks for post meta data in the XML-RPC API.
- A Cross Site Request Forgery (CRSF) vulnerability was discovered in
the filesystem credentials dialog.
- A cross-site scripting (XSS) vulnerability was discovered related to
See also :
Update the affected packages.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now