This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
The wordpress development team reports :
- Block unsafe PHP unserialization that could occur in limited
situations and setups, which can lead to remote code execution.
- Prevent a user with an Author role, using a specially crafted
request, from being able to create a post 'written by' another user.
- Fix insufficient input validation that could result in redirecting
or leading a user to another website.
Additionally, we've adjusted security restrictions around file uploads
to mitigate the potential for cross-site scripting.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5