Detections
Analytics

WordPress < 2.0.5 Multiple Vulnerabilities

medium Nessus Network Monitor Plugin ID 3803

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running WordPress, a web blog manager written in PHP.
The remote version of this software is reported to be vulnerable to a number of flaws. At the time of this writing, the flaws have not been verified by the vendor. Allegedly, an attacker can exploit these flaws to gain information about the server that would be useful in future attacks.

Solution

Upgrade to WordPress 2.0.5, or later.

See Also

http://wordpress.org

Plugin Details

Severity: Medium

ID: 3803

Family: CGI

Published: 11/2/2006

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:wordpress:wordpress

Reference Information

CVE: CVE-2006-5705

BID: 20869