ID de Prueba:	1.3.6.1.4.1.25623.1.0.808036
Categoría:	Web application abuses
Título:	WordPress < 4.5.2 Multiple XSS Vulnerabilities (May 2016) - Windows
Resumen:	WordPress is prone to multiple cross-site scripting (XSS); vulnerabilities in third-party libraries.
Descripción:	Summary: WordPress is prone to multiple cross-site scripting (XSS) vulnerabilities in third-party libraries. Vulnerability Insight: The following flaws in third-party libraries exist: - CVE-2016-4566: XSS vulnerability in plupload.flash.swf in Plupload before 2.1.9 - CVE-2016-4567: XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0 Vulnerability Impact: Successfully exploiting these issues allow remote attacker to execute arbitrary script code in a user's browser session within the trust relationship. Affected Software/OS: - CVE-2016-4566: Versions through 4.5.1 - CVE-2016-4567: Versions 4.2.x through 4.5.1 Solution: Update to version 4.5.2 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4566 https://gist.github.com/cure53/09a81530a44f6b8173f545accc9ed07e https://wpvulndb.com/vulnerabilities/8489 http://www.openwall.com/lists/oss-security/2016/05/07/2 http://www.securitytracker.com/id/1035818 Common Vulnerability Exposure (CVE) ID: CVE-2016-4567 https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c https://wpvulndb.com/vulnerabilities/8488
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.