FreeBSD : wordpress -- multiple vulnerabilities (b384cc5b-8d56-11e1-8d7b-003067b2972c)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Wordpress reports :

External code has been updated to non-vulnerable versions. In addition
the following bugs have been fixed :

- Limited privilege escalation where a site administrator could
deactivate network-wide plugins when running a WordPress network under
particular circumstances.

- Cross-site scripting vulnerability when making URLs clickable.

- Cross-site scripting vulnerabilities in redirects after posting
comments in older browsers, and when filtering URLs.

See also :

https://codex.wordpress.org/Version_3.3.2
http://www.nessus.org/u?44bacb60

Solution :

Update the affected package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 58839 ()

Bugtraq ID:

CVE ID: CVE-2012-2399
CVE-2012-2400
CVE-2012-2401
CVE-2012-2402
CVE-2012-2403
CVE-2012-2404

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now