WordPress < 3.7.6 / 3.8.6 / 3.9.4 / 4.1.2 Multiple Vulnerabilities

medium Nessus Plugin ID 83053

Synopsis

The remote web server contains a PHP application that is affected by multiple vulnerabilities.

Description

According to its version number, the WordPress application running on the remote web server is potentially affected by multiple vulnerabilities :

- An unspecified flaw exists that allows an attacker to upload arbitrary files with invalid or unsafe names.
Note that this only affects versions 4.1 and higher.

- A cross-site scripting vulnerability exists due to improper validation of user-supplied input. A remote attacker, using a specially crafted request, can exploit this to execute arbitrary script code in a user's browser session.

- A limited cross-site scripting vulnerability exists due to improper validation of user-supplied input. A remote attacker, using a specially crafted request, can exploit this to execute arbitrary script code in a user's browser session. Note that this only affects versions 3.9 and higher.

- An unspecified SQL injection vulnerability exists in some plugins.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to WordPress 3.7.6 / 3.8.6 / 3.9.4 / 4.1.2 or later.

See Also

https://wordpress.org/news/2015/04/wordpress-4-1-2/

https://codex.wordpress.org/Version_4.1.2

https://codex.wordpress.org/Version_3.9.4

https://codex.wordpress.org/Version_3.8.6

https://codex.wordpress.org/Version_3.7.6

Plugin Details

Severity: Medium

ID: 83053

File Name: wordpress_4_1_2.nasl

Version: 1.16

Type: remote

Family: CGI abuses

Published: 4/24/2015

Updated: 6/5/2024

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2015-3439

Vulnerability Information

CPE: cpe:/a:wordpress:wordpress

Required KB Items: www/PHP, installed_sw/WordPress, Settings/ParanoidReport

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 4/21/2015

Vulnerability Publication Date: 4/21/2015

Reference Information

CVE: CVE-2015-3438, CVE-2015-3439

BID: 74269, 75146