WordPress < 3.1.4 / 3.2-RC3 Multiple Blind SQL Injection Vulnerabilities
Medium Nessus Network Monitor Plugin ID 9107
SynopsisThe remote server is hosting an outdated installation of WordPress that is vulnerable to multiple blind SQL injection attacks.
DescriptionVersions of WordPress prior to 3.1.4 or prior to 3.2-RC3 are susceptible to multiple SQL injection vulnerabilities due to a failure to adequately sanitize user-supplied input prior to using it in database queries.
SolutionUpgrade to WordPress 3.1.4 / 3.2-RC3, or later.