WordPress < 2.0.5 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 3803

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running WordPress, a web blog manager written in PHP.
The remote version of this software is reported to be vulnerable to a number of flaws. At the time of this writing, the flaws have not been verified by the vendor. Allegedly, an attacker can exploit these flaws to gain information about the server that would be useful in future attacks.

Solution

Upgrade to WordPress 2.0.5, or later.

See Also

http://wordpress.org

Plugin Details

Severity: Medium

ID: 3803

Family: CGI

Published: 2006/11/02

Modified: 2016/11/23

Dependencies: 9035

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 5

Temporal Score: 4.3

Vector: CVSS3#AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2006-5705

BID: 20869