VID: 210143
Severity: 30
Port: 80, ...
Protocol: TCP
Class: CGI

Detailed Description:
A version of WordPress older than or equal to version 3.5.1 is detected as installed on the host. WordPress is a freely available PHP-based publishing platform that uses a MySQL backend database. WordPress versions 3.5.1 and earlier are affected by multiple vulnerabilities:

- A denial of service vulnerability affecting sites that use password-protected posts. (CVE-2013-2173)
- A server-side request forgery vulnerability, which can be used to gain access to a site. (CVE-2013-2199)
- A privilege escalation vulnerability that allows contributors to publish posts and users to reassign authorship. (CVE-2013-2200)
- A cross-site scripting vulnerability related to uploading media. (CVE-2013-2201)
- An XML External Entity injection (XXE) vulnerability in oEmbed. (CVE-2013-2202)
- A full file path disclosure vulnerability related to file upload. (CVE-2013-2203)
- A cross-site scripting vulnerability related to the 'TinyMCE' library. (CVE-2013-2204)
- A cross-site scripting vulnerability in the 'SWFUpload' library. (CVE-2013-2205)
- Cross-site scripting vulnerabilities in the 'post.php' script relating to the 'excerpt' and 'content' parameters.

* Note: This check relies solely on the version number reported by the WordPress installation on the remote web server to assess this vulnerability, so the result may be a false positive.
* References:
  http://wordpress.org/news/2013/06/wordpress-3-5-2/
  http://codex.wordpress.org/Version_3.5.2
  http://core.trac.wordpress.org/log/branches/3.5?rev=24498&stop_rev=23347
  http://seclists.org/fulldisclosure/2013/Jul/7
* Platforms affected: WordPress versions 3.5.1 and earlier; any operating system; any version

Recommendation:
Upgrade to the latest version of WordPress (3.5.2 or later), available from the WordPress download site at http://wordpress.org/download/

Related URL (CVE): CVE-2013-2173, CVE-2013-2199, CVE-2013-2200, CVE-2013-2201, CVE-2013-2202, CVE-2013-2203, CVE-2013-2204, CVE-2013-2205
Related URL (SecurityFocus): 60477, 60757, 60758, 60759, 60770, 60775, 60781, 60825, 60892
Related URL (ISS):