- Home
- CVEs with nessus.description==According to its version number, the WordPress install hosted on the remote web server is affected by multiple vulnerabilities :
- The application is affected by a server-side request forgery vulnerability in the 'pingback.ping' method used in 'xmlrpc.php'. This vulnerability can be used to expose information and remotely port scan a host using pingbacks. (CVE-2013-0235)
- The application is affected by two instances of cross-site scripting (XSS) attacks via shortcodes and post content. (CVE-2013-0236)
- The application is affected by a cross-site scripting (XSS) vulnerability in the Plupload external library.
(CVE-2013-0237)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top