WordPress Multiple Vulnerabilities

Last Update Date: 5 May 2015 09:55
Release Date: 5 May 2015

RISK: Medium Risk

TYPE: Servers - Internet App Servers

Multiple vulnerabilities have been identified in WordPress, a weblog manager, that could allow remote attackers to upload files with invalid or unsafe names, mount social engineering attacks or compromise a site via cross-site scripting, and inject SQL commands.


Impact

  • Cross-Site Scripting
  • Remote Code Execution

System / Technologies affected

  • Versions prior to 4.1.2 in the stable distribution
  • Versions prior to 4.2.1 in the testing distribution

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

  • Update to version 4.1.2 for the stable distribution (jessie)
  • Update to version 4.2.1 for the testing distribution (stretch)

Vulnerability Identifier


Source


Related Link