WordPress < 3.7.6 / 3.8.x < 3.8.6 / 3.9.x < 3.9.4 / 4.1.x < 4.1.2 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 9026

Synopsis

The remote server is hosting an outdated installation of WordPress that is vulnerable to multiple attack vectors.

Description

Versions of WordPress 3.7.x prior to 3.7.6 , 3.8.x prior to 3.8.6 , 3.9.x prior to 3.9.4 , and 4.1.x prior to 4.1.2 are susceptible to the following vulnerabilities :

- An unspecified flaw exists that allows an attacker to upload arbitrary files with invalid or unsafe names. Note that this only affects versions 4.1 and higher.
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input. A remote attacker, using a specially crafted request, can exploit this to execute arbitrary script code in a user's browser session.
- A limited cross-site scripting vulnerability exists due to improper validation of user-supplied input. A remote attacker, using a specially crafted request, can exploit this to execute arbitrary script code in a user's browser session. Note that this only affects versions 3.9 and higher.
- An unspecified SQL injection vulnerability exists in some plugins.

Solution

Upgrade to WordPress 4.1.2, or later. If 4.1.x cannot be obtained, 3.7.6, 3.8.6, and 3.9.4 are also patched for these vulnerabilities.

See Also

https://wordpress.org/news/2015/04/wordpress-4-1-2

http://codex.wordpress.org/Version_3.7.6

http://codex.wordpress.org/Version_3.8.6

http://codex.wordpress.org/Version_3.9.4

http://codex.wordpress.org/Version_4.1.2

Plugin Details

Severity: High

ID: 9026

Family: CGI

Published: 12/17/2015

Updated: 3/6/2019

Nessus ID: 83053

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:wordpress:wordpress

Patch Publication Date: 4/21/2015

Vulnerability Publication Date: 4/21/2015

Reference Information

CVE: CVE-2015-3438, CVE-2015-3439

BID: 74269, 75146