I have a wordpress blog setup at
Since i accept credit card payment online i have to pass PCI Compliance Test. But my website is failing. I have tried many times but always the scan shows that my version of wordpress is vulnerable
Below the Error description :-
Description : The version of WordPress on the remote host does not properly check for administrative credentials in the 'is_admin()' function in 'wp-includes/query.php'. Using a specially-crafted URL that contains the string 'wp-admin/', an attacker may be able to leverage this issue to view posts for which the status is classified as 'future', 'draft', or 'pending', which would otherwise be available only to authenticated users. See also : http://www.securityfocus.com/archive/1/4 85160/30/0/threaded http://trac.wordpress.org/ticket/5487 Solution: Unknown at this time.
Please anyone help
My previous version of wordpress were able to pass the test. Since i have updated wordpress to latest version it is failing.