FreeBSD : wordpress -- multiple vulnerabilities (a4955b32-ed84-11d9-8310-0001020eed82)
High Nessus Plugin ID 19058
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionA Gentoo Linux Security Advisory reports :
Due to a lack of input validation, WordPress is vulnerable to SQL injection and XSS attacks.
An attacker could use the SQL injection vulnerabilities to gain information from the database. Furthermore the cross-site scripting issues give an attacker the ability to inject and execute malicious script code or to steal cookie-based authentication credentials, potentially compromising the victim's browser.
SolutionUpdate the affected package.