WordPress < 3.7.6 / 3.8.x < 3.8.6 / 3.9.x < 3.9.4 / 4.1.x < 4.1.2 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 9026

Synopsis

The remote server is hosting an outdated installation of WordPress that is vulnerable to multiple attack vectors.

Description

Versions of WordPress 3.7.x prior to 3.7.6 , 3.8.x prior to 3.8.6 , 3.9.x prior to 3.9.4 , and 4.1.x prior to 4.1.2 are susceptible to the following vulnerabilities :

- An unspecified flaw exists that allows an attacker to upload arbitrary files with invalid or unsafe names. Note that this only affects versions 4.1 and higher.
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input. A remote attacker, using a specially crafted request, can exploit this to execute arbitrary script code in a user's browser session.
- A limited cross-site scripting vulnerability exists due to improper validation of user-supplied input. A remote attacker, using a specially crafted request, can exploit this to execute arbitrary script code in a user's browser session. Note that this only affects versions 3.9 and higher.
- An unspecified SQL injection vulnerability exists in some plugins.

Solution

Upgrade to WordPress 4.1.2, or later. If 4.1.x cannot be obtained, 3.7.6, 3.8.6, and 3.9.4 are also patched for these vulnerabilities.

See Also

https://wordpress.org/news/2015/04/wordpress-4-1-2

http://codex.wordpress.org/Version_3.7.6

http://codex.wordpress.org/Version_3.8.6

http://codex.wordpress.org/Version_3.9.4

http://codex.wordpress.org/Version_4.1.2

Plugin Details

Severity: High

ID: 9026

Family: CGI

Published: 2015/12/17

Modified: 2018/09/16

Dependencies: 9035, 9036

Nessus ID: 83053

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:wordpress:wordpress

Patch Publication Date: 2015/04/21

Vulnerability Publication Date: 2015/04/21

Reference Information

CVE: CVE-2015-3438, CVE-2015-3439

BID: 74269, 75146