FreeBSD : wordpress -- multiple vulnerabilities (54e50cd9-c1a8-11e6-ae1b-002590263bf5)
High Nessus Plugin ID 95786
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionJeremy Felt reports :
WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename, reported by SumOfPwn researcher Cengiz Han Sahin; and a path traversal vulnerability in the upgrade package uploader, reported by Dominik Schilling from the WordPress security team.
SolutionUpdate the affected packages.