Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag.

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :

 - Localhost is treated as same host by default.

 - Unsafe redirects are used when redirecting the login page if SSL is forced.

 - The version string is not correctly escaped for use in generator tags.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

Several vulnerabilities were discovered in wordpress, a web blogging tool, which could allow remote attackers to compromise a site via cross-site scripting, bypass restrictions or unsafe redirects. More information can be found in the upstream advisory at https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-mainte nance-release/

Two vulnerabilities were discovered in wordpress, a web blogging tool.
The Common Vulnerabilities and Exposures project identifies the following issues.

CVE-2018-10100

The redirection URL for the login page was not validated or sanitized if forced to use HTTPS.

CVE-2018-10102

The version string was not escaped in the get_the_generator function, and could lead to cross-site scripting (XSS) in a generator tag.

For Debian 7 'Wheezy', these problems have been fixed in version 3.6.1+dfsg-1~deb7u21.

We recommend that you upgrade your wordpress packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.9.5. It is, therefore, affected by multiple vulnerabilities.

ID	Name	Product	Family	Severity
98356	WordPress 3.7.x < 3.7.26 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98355	WordPress 3.8.x < 3.8.26 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98354	WordPress 3.9.x < 3.9.24 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98353	WordPress 4.0.x < 4.0.23 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98352	WordPress 4.1.x < 4.1.23 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98351	WordPress 4.2.x < 4.2.20 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98350	WordPress 4.3.x < 4.3.16 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98349	WordPress 4.4.x < 4.4.15 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98348	WordPress 4.5.x < 4.5.14 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98347	WordPress 4.6.x < 4.6.11 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98346	WordPress 4.7.x < 4.7.10 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98345	WordPress 4.8.x < 4.8.6 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98344	WordPress 4.9.x < 4.9.5 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
109588	Debian DSA-4193-1 : wordpress - security update	Nessus	Debian Local Security Checks	medium
109407	Debian DLA-1366-1 : wordpress security update	Nessus	Debian Local Security Checks	medium
109034	WordPress < 4.9.5 Multiple Vulnerabilities	Nessus	CGI abuses	medium

Detections

Analytics

CVE-2018-10102

medium

Tenable Plugins

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium