Debian DSA-3639-1 : wordpress - security update
Medium Nessus Plugin ID 92706
SynopsisThe remote Debian host is missing a security-related update.
DescriptionSeveral vulnerabilities were discovered in wordpress, a web blogging tool, which could allow remote attackers to compromise a site via cross-site scripting, bypass restrictions, obtain sensitive revision-history information, or mount a denial of service.
SolutionUpgrade the wordpress packages.
For the stable distribution (jessie), these problems have been fixed in version 4.1+dfsg-1+deb8u9.