FreeBSD : wordpress -- multiple vulnerabilities (b384cc5b-8d56-11e1-8d7b-003067b2972c)

Critical Nessus Plugin ID 58839


The remote FreeBSD host is missing a security-related update.


Wordpress reports :

External code has been updated to non-vulnerable versions. In addition the following bugs have been fixed :

- Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances.

- Cross-site scripting vulnerability when making URLs clickable.

- Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.


Update the affected package.

See Also

Plugin Details

Severity: Critical

ID: 58839

File Name: freebsd_pkg_b384cc5b8d5611e18d7b003067b2972c.nasl

Version: $Revision: 1.2 $

Type: local

Published: 2012/04/24

Modified: 2013/06/22

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:wordpress, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2012/04/23

Vulnerability Publication Date: 2012/04/20

Reference Information

CVE: CVE-2012-2399, CVE-2012-2400, CVE-2012-2401, CVE-2012-2402, CVE-2012-2403, CVE-2012-2404