CVSS Base Vector:
The remote host is missing an update for the 'wordpress'
Linux Distribution Package(s) announced via the DSA-1980-1 advisory.
Checks if a vulnerable Linux Distribution Package version is present on the target host.
Several vulnerabilities in wordpress, a web blogging tool, have been
Server Side Request Forgery (SSRF) vulnerability because URL
validation does not consider the interpretation of a name as a
series of hex characters.
Server Side Request Forgery (SSRF) vulnerability was reported in
wp_validate_redirect(). Normalize the path when validating the
location for relative URLs.
Unauthenticated viewing of certain content (private or draft posts)
is possible because the static query property is mishandled.
Wordpress does not properly consider type confusion during
validation of the referer in the admin pages. This vulnerability
affects the check_admin_referer() WordPress function.
'wordpress' Linux Distribution Package(s) on Debian Linux.
For Debian 8 'Jessie', these problems have been fixed in version
We recommend that you upgrade your wordpress Linux Distribution Packages.
Linux Distribution Package
Debian Local Security Checks
Find and Fix this Vulnerability:
Mageni can help you to find out if you have this or more vulnerabilities exposing you to hackers, ransomware and malware: Download Mageni's Free Edition
NVD CVE ID: