This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Secunia reports :
Slappter has discovered a vulnerability in WordPress, which can be
exploited by malicious users to conduct SQL injection attacks.
Input passed to the 'wp.suggestCategories' method in xmlrpc.php is not
properly sanitised before being used in SQL queries. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.
Successful exploitation allows e.g. retrieving usernames and password
hashes, but requires valid user credentials and knowledge of the
database table prefix.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.5
CVSS Temporal Score : 5.7
Public Exploit Available : true