Test ID:	1.3.6.1.4.1.25623.1.1.10.2015.0290
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2015-0290)
Summary:	The remote host is missing an update for the 'wordpress' package(s) announced via the MGASA-2015-0290 advisory.
Description:	Summary: The remote host is missing an update for the 'wordpress' package(s) announced via the MGASA-2015-0290 advisory. Vulnerability Insight: WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site (CVE-2015-5622). WordPress versions 4.2.2 and earlier are affected by an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft (CVE-2015-5623). Affected Software/OS: 'wordpress' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5622 BugTraq ID: 76011 http://www.securityfocus.com/bid/76011 Debian Security Information: DSA-3328 (Google Search) http://www.debian.org/security/2015/dsa-3328 Debian Security Information: DSA-3332 (Google Search) http://www.debian.org/security/2015/dsa-3332 Debian Security Information: DSA-3383 (Google Search) http://www.debian.org/security/2015/dsa-3383 https://klikki.fi/adv/wordpress3.html https://wpvulndb.com/vulnerabilities/8111 http://openwall.com/lists/oss-security/2015/07/23/18 http://www.securitytracker.com/id/1033037 Common Vulnerability Exposure (CVE) ID: CVE-2015-5623
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.