Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WordPress < 2.8.6 Multiple Vulnerabilities

High

Synopsis

The remote server is hosting an outdated installation of WordPress that is vulnerable to multiple attack vectors.

Description

The remote host is running a version of WordPress earlier than 2.8.6. Such versions are potentially affected by multiple vulnerabilities :

- A file-upload and code execution vulnerability in the 'wp-admin/includes/file.php' script.

- A cross-site scripting vulnerability in 'Press This'.

Solution

Upgrade to WordPress 2.8.6, or later.