FreeBSD : wordpress -- multiple vulnerabilities (54e50cd9-c1a8-11e6-ae1b-002590263bf5)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Jeremy Felt reports :

WordPress versions 4.6 and earlier are affected by two security
issues: a cross-site scripting vulnerability via image filename,
reported by SumOfPwn researcher Cengiz Han Sahin; and a path traversal
vulnerability in the upgrade package uploader, reported by Dominik
Schilling from the WordPress security team.

See also :

http://www.nessus.org/u?be1e697e
http://www.nessus.org/u?e6a25d2f

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 95786 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now