ID de Prueba:	1.3.6.1.4.1.25623.1.0.800704
Categoría:	Web application abuses
Título:	WordPress Multiple Vulnerabilities
Resumen:	WordPress is prone to multiple vulnerabilities.
Descripción:	Summary: WordPress is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to lack of sanitization in user supplied data which can be exploited through 'wp-admin/upgrade.php' via a direct request and 'wp-admin/upgrade.php' via a URL in the backto parameter. Vulnerability Impact: Attackers can exploit this issue to causes denial of service or to redirect the URL to any malicious website and conduct phishing attacks. Affected Software/OS: WordPress version 2.6.x up to 2.6.3. Solution: Update to version 2.7.1 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-6767 Bugtraq: 20081222 [ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS (Google Search) http://archives.neohapsis.com/archives/bugtraq/2008-12/0226.html Debian Security Information: DSA-1871 (Google Search) http://www.debian.org/security/2009/dsa-1871 XForce ISS Database: wordpress-upgrade-sec-bypass(50384) https://exchange.xforce.ibmcloud.com/vulnerabilities/50384 Common Vulnerability Exposure (CVE) ID: CVE-2008-6762 http://osvdb.org/52213 XForce ISS Database: wordpress-upgrade-phishing(50382) https://exchange.xforce.ibmcloud.com/vulnerabilities/50382
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.