WordPress < 4.5.2 Multiple Vulnerabilities (ImageTragick)
Medium Nessus Network Monitor Plugin ID 9387
SynopsisThe remote server is hosting an outdated installation of WordPress that is affected by multiple vulnerabilities.
DescriptionVersions of WordPress prior to 4.5.2 are affected by multiple vulnerabilities :
- A flaw exists that is triggered when using the 'ephemeral' pseudo protocol, which may allow a context-dependent attacker to delete arbitrary files. (OSVDB 137952)
- A flaw exists in the 'ms' pseudo protocol that is triggered when moving image files. This may allow a context-dependent attacker to move arbitrary files to arbitrary locations. (OSVDB 137953)
- A flaw exists in the 'label' pseudo protocol that is triggered during the handling of a specially crafted image. This may allow a context-dependent attacker to read arbitrary files. (OSVDB 137954)
- A flaw known as 'ImageTragick' is triggered as shell characters are not properly filtered in filenames passed to delegate commands. This may allow a context-dependent attacker to inject arbitrary shell commands and subsequently execute arbitrary code. (OSVDB 137955)
- 'MediaElement.js' contains a flaw that allows a reflected cross-site scripting (XSS) attack. The program does not validate input before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server. (OSVDB 138113)
- Plupload contains an unspecified same-origin method execution flaw. No further details have been provided. (OSVDB 138114)
SolutionUpgrade to WordPress 4.5.2 or later.