Wordpress Multiple Vulnerabilities Network Vulnerability

Summary

This host has Wordpress installed and is prone to Multiple Vulnerabilities.

Impact

Attackers can exploit this issue to causes denial of service or to redirect the URL to any malicious website and conduct phishing attacks. Impact Level: Application

Solution

Upgrade your wordpress to the latest version 2.7.1 http://wordpress.org

Insight

Multiple flaws are due to lack of sanitization in user supplied data which can be exploited through 'wp-admin/upgrade.php' via a direct request and 'wp-admin/upgrade.php' via a URL in the backto parameter.

Affected

Wordpress version 2.6.x

References

http://archives.neohapsis.com/archives/bugtraq/2008-12/0226.html
http://osvdb.org/52213

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-6762, CVE-2008-6767
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
Andy's PHP Knowledgebase 'step5.php' Remote PHP Code Execution Vulnerability
AdaptBB Multiple Input Validation Vulnerabilities
Advantech WebAccess Multiple Vulnerabilities
Apache Archiva Multiple Remote Command Execution Vulnerabilities

Take action and discover your vulnerabilities