FreeBSD : wordpress -- remote sql injection vulnerability (63347ee7-6841-11dc-82b6-02e0185f8d72)
High Nessus Plugin ID 26089
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionAlexander Concha reports :
While testing WordPress, it has been discovered a SQL Injection vulnerability that allows an attacker to retrieve remotely any user credentials from a vulnerable site, this bug is caused because of early database escaping and the lack of validation in query string like parameters.
SolutionUpdate the affected packages.