Detections
Analytics
FreeBSD : wordpress -- multiple vulnerabilities (54e50cd9-c1a8-11e6-ae1b-002590263bf5)
high Nessus Plugin ID 95786
Language:
Synopsis
The remote FreeBSD host is missing one or more security-related updates.Description
Jeremy Felt reports :WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename, reported by SumOfPwn researcher Cengiz Han Sahin; and a path traversal vulnerability in the upgrade package uploader, reported by Dominik Schilling from the WordPress security team.
Solution
Update the affected packages.See Also
Plugin Details
Severity: High
ID: 95786
File Name: freebsd_pkg_54e50cd9c1a811e6ae1b002590263bf5.nasl
Version: 3.3
Type: local
Family: FreeBSD Local Security Checks
Published: 12/14/2016
Updated: 1/4/2021
Supported Sensors: Nessus
Vulnerability Information
CPE: p-cpe:/a:freebsd:freebsd:de-wordpress, p-cpe:/a:freebsd:freebsd:ja-wordpress, p-cpe:/a:freebsd:freebsd:ru-wordpress, p-cpe:/a:freebsd:freebsd:wordpress, p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_cn, p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_tw, cpe:/o:freebsd:freebsd
Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
Patch Publication Date: 12/14/2016
Vulnerability Publication Date: 9/7/2016