Lucene search

K
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_112464
HistoryJun 26, 2020 - 12:00 a.m.

WordPress 4.1.x < 4.1.31 Multiple Vulnerabilities

2020-06-2600:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
98

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :

  • A cross-site scripting (XSS) vulnerability exist in the block editor.

  • A cross-site scripting (XSS) vulnerability exist in media files.

  • An open redirect vulnerability exists in wp_validate_redirect().

  • A cross-site scripting (XSS) vulnerability exist in theme uploads.

  • A privilege escalation vulnerability exists in set-screen-option.

  • An authorization bypass vulnerability exists in password-protected posts and pages.

Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.

No source data
VendorProductVersion
awordpresswordpress