Summary
The host is running WordPress and is prone to multiple vulnerabilities.
Impact
Attackers can exploit these issues by sending malicious requests to several scripts in the wp-admin directory to gain access to administrative functions, which may allow them to obtain sensitive information or elevate privileges.
Impact Level: System/Application
Solution
Update to Version 2.8.3
http://wordpress.org/download/
Insight
- The application fails to properly sanitize user-supplied input via a direct request to admin-footer.php, edit-category-form.php, edit-form-advanced.php, edit-form-comment.php, edit-link-category-form.php, edit-link-form.php, edit-page-form.php, and edit-tag-form.php in wp-admin/.
- The application fails to check capabilities for certain actions, which can be exploited to cause unauthorized edits or additions via a direct request to edit-comments.php, edit-pages.php, import.php, edit-category-form.php, edit-link-category-form.php, edit-tag-form.php, export.php, link-add.php or edit.php in wp-admin/.
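A detection-side sketch for the first issue above, added here as an example and not part of the original advisory: it scans web-server access logs for direct requests to the scripts in that list. It assumes combined log format and that those scripts are templates normally included by other admin pages; the function names and sample log lines are constructed for illustration.

```python
import posixpath
import re
from collections import Counter
from urllib.parse import unquote

# Scripts the advisory lists for the input-sanitization issue.
# Assumption: these are normally included by other admin pages, so a
# direct request for one of them in the access log is worth reviewing.
INCLUDE_ONLY = {
    "admin-footer.php", "edit-category-form.php", "edit-form-advanced.php",
    "edit-form-comment.php", "edit-link-category-form.php",
    "edit-link-form.php", "edit-page-form.php", "edit-tag-form.php",
}

# Common/combined log format: ip ident user [time] "METHOD target proto" status size
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def direct_hits(lines):
    """Return (ip, script, status) for each direct request to a listed script."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the expected log format
        # Drop the query string, decode %xx, collapse '//' and '/./'
        path = posixpath.normpath(unquote(m["target"].split("?", 1)[0]))
        _, sep, rest = path.rpartition("/wp-admin/")
        script = rest.split("/", 1)[0]  # ignore trailing PATH_INFO
        if sep and script in INCLUDE_ONLY:
            hits.append((m["ip"], script, int(m["status"])))
    return hits

def summarize(hits):
    """Count flagged requests per client address."""
    return Counter(ip for ip, _, _ in hits)

# Constructed sample log lines (documentation address ranges)
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Aug/2009:10:01:02 +0000] "GET /wp-admin/edit-tag-form.php?x=1 HTTP/1.1" 200 512',
    '192.0.2.10 - - [12/Aug/2009:10:01:05 +0000] "GET /blog/wp-admin//admin-footer.php HTTP/1.1" 500 0',
    '198.51.100.7 - admin [12/Aug/2009:10:02:00 +0000] "GET /wp-admin/edit-comments.php HTTP/1.1" 200 9001',
    '203.0.113.5 - - [12/Aug/2009:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 2048',
    'malformed line',
]

if __name__ == "__main__":
    for ip, count in summarize(direct_hits(SAMPLE_LOG)).items():
        print(ip, count)
```

The scripts in the second list (edit-comments.php, export.php and so on) are pages administrators request in normal use, so they are left out of the match set to avoid flagging routine traffic.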
Affected
WordPress versions prior to 2.8.3 on all platforms.
References
Severity
Classification
CVE: CVE-2009-2853, CVE-2009-2854
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C