WordPress 6.0 < 6.0.2 / 5.9 < 5.9.4 / 5.8 < 5.8.5 / 5.7 < 5.7.7 / 5.6 < 5.6.9 / 5.5 < 5.5.10 / 5.4 < 5.4.11 / 5.3 < 5.3.13 / 5.2 < 5.2.16 / 5.1 < 5.1.14 / 5.0 < 5.0.17 / 4.9 < 4.9.21 / 4.8 < 4.8.20 / 4.7 < 4.7.24 / 4.6 < 4.6.24 / 4.5 < 4.5.27 / 4.4 < 4.4.28 / 4.3 < 4.3.29 / 4.2 < 4.2.33 / 4.1 < 4.1.36 / 4.0 < 4.0.36 / 3.9 < 3.9.37 / 3.8 < 3.8.39 / 3.7 < 3.7.39

high Nessus Plugin ID 164521

Synopsis

A PHP application running on the remote web server is affected by one or more vulnerabilities.

Description

WordPress versions 6.0 < 6.0.2 / 5.9 < 5.9.4 / 5.8 < 5.8.5 / 5.7 < 5.7.7 / 5.6 < 5.6.9 / 5.5 < 5.5.10 / 5.4 < 5.4.11 / 5.3 < 5.3.13 / 5.2 < 5.2.16 / 5.1 < 5.1.14 / 5.0 < 5.0.17 / 4.9 < 4.9.21 / 4.8 < 4.8.20 / 4.7 < 4.7.24 / 4.6 < 4.6.24 / 4.5 < 4.5.27 / 4.4 < 4.4.28 / 4.3 < 4.3.29 / 4.2 < 4.2.33 / 4.1 < 4.1.36 / 4.0 < 4.0.36 / 3.9 < 3.9.37 / 3.8 < 3.8.39 / 3.7 < 3.7.39 are affected by one or more vulnerabilities

Solution

Upgrade to WordPress version 6.0.2, 5.9.4, 5.8.5, 5.7.7, 5.6.9, 5.5.10, 5.4.11, 5.3.13, 5.2.16, 5.1.14, 5.0.17, 4.9.21, 4.8.20, 4.7.24, 4.6.24, 4.5.27, 4.4.28, 4.3.29, 4.2.33, 4.1.36, 4.0.36, 3.9.37, 3.8.39, 3.7.39 or later.

See Also

https://wordpress.org/download/releases/

http://www.nessus.org/u?269ca1ac

http://www.nessus.org/u?9c98ed6f

https://wordpress.org/support/wordpress-version/version-6-0-2

Plugin Details

Severity: High

ID: 164521

File Name: wordpress_6_0_2.nasl

Version: 1.3

Type: remote

Family: CGI abuses

Published: 8/31/2022

Updated: 6/6/2024

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Enable CGI Scanning: true

Vulnerability Information

CPE: cpe:/a:wordpress:wordpress

Required KB Items: installed_sw/WordPress, www/PHP, Settings/ParanoidReport

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No known exploits are available

Patch Publication Date: 8/30/2022

Vulnerability Publication Date: 8/30/2022