Detections
Analytics
WordPress < 5.4.1
medium Nessus Plugin ID 136179
Language:
Synopsis
A PHP application running on the remote web server is affected by a vulnerability.Description
WordPress versions 5.4.0 and earlier are affected by multiple vulnerabilities.Solution
Upgrade to WordPress version 5.4.1 or later.See Also
https://wordpress.org/news/2020/04/wordpress-5-4-1/
https://wordpress.org/support/wordpress-version/version-5-4-1/
Plugin Details
Severity: Medium
ID: 136179
File Name: wordpress_5_4_1.nasl
Version: 1.4
Type: remote
Family: CGI abuses
Published: 4/30/2020
Updated: 6/6/2024
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Enable CGI Scanning: true
Risk Information
CVSS Score Rationale: Tenable score for xss
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS Score Source: manual
CVSS v3
Risk Factor: Medium
Base Score: 6.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Information
CPE: cpe:/a:wordpress:wordpress
Required KB Items: installed_sw/WordPress, www/PHP, Settings/ParanoidReport
Excluded KB Items: Settings/disable_cgi_scanning
Patch Publication Date: 4/29/2020
Vulnerability Publication Date: 4/29/2020
Reference Information
IAVA: 2020-A-0191-S