FreeBSD : wordpress -- XSS vulnerability (c80b27a2-3165-11e5-8a1d-14dae9d210b8)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Gary Pendergast reports :

WordPress versions 4.2.2 and earlier are affected by a cross-site
scripting vulnerability, which could allow users with the Contributor
or Author role to compromise a site. This was reported by Jon Cave and
fixed by Robert Chapin, both of the WordPress security team.

See also :

https://wordpress.org/news/2015/07/wordpress-4-2-3/
http://www.nessus.org/u?6e1b712f

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 84973 ()

Bugtraq ID:

CVE ID: CVE-2015-5622
CVE-2015-5623

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now