According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.7.3.
It is, therefore, affected by multiple vulnerabilities :

  - A cross-site scripting (XSS) vulnerability exists in the     wp_playlist_shortcode() function within the     /wp-includes/media.php script due to a failure to     validate input passed via audio file metadata before     returning it to users. An unauthenticated, remote     attacker can exploit this, via a specially crafted     request, to execute arbitrary script code in a user's     browser session.

  - A cross-site redirection vulnerability exists due to     a failure to validate input passed via control     characters before returning it to users. An     unauthenticated, remote attacker can exploit this, via     a specially crafted link, to redirect a user from an     intended legitimate website to an arbitrary website of     the attacker's choosing.

  - An unspecified flaw exists in the plugin deletion     functionality that allows an authenticated, remote     attacker to delete unintended files.

  - A cross-site scripting (XSS) vulnerability exists due to     a failure to validate input to video URLs in YouTube     embeds before returning it to users. An unauthenticated,     remote attacker can exploit this, via a specially     crafted request, to execute arbitrary script code in a     user's browser session.

  - A cross-site scripting (XSS) vulnerability exists due to     a failure to validate input to taxonomy term names     before returning it to users. An unauthenticated, remote     attacker can exploit this, via a specially crafted     request, to execute arbitrary script code in a user's     browser session.

  - A cross-site request forgery (XSRF) vulnerability exists     in the Press This functionality, specifically within     /wp-admin/press-this.php when handling HTTP requests,     due to a failure to require multiple steps, explicit     confirmation, or a unique token when performing certain     sensitive actions. An unauthenticated, remote attacker     can exploit this, by convincing a user to follow a     specially crafted link, to cause excessive consumption     of server resources.

  - A DOM-based cross-site scripting (XSS) vulnerability     exists in the renderTracks() function within the     /wp-includes/js/mediaelement/wp-playlist.min.js script     due to a failure to validate input passed via audio file     metadata before returning it to users. An     unauthenticated, remote attacker can exploit this, via a     specially crafted request, to execute arbitrary script     code in a user's browser session.
  - A directory traversal vulnerability exists in WordPress' wp-json component due to an error in post listing. An     unauthenticated, remote attacker can exploit this, by sending a URI that contains directory traversal characters,     to disclose the contents of files located outside of the server's restricted path.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

WordPress < 4.7.3 Multiple Vulnerabilities

medium Nessus Plugin ID 97635

Version 1.14