WordPress WP cleanfix插件‘eval()’函数跨站请求伪造漏洞
2013-05-20 19:16
821 查看
| ||||||||||||||||||
WordPress的WP cleanfix插件中存在跨站请求伪造漏洞。远程攻击者可利用该漏洞在受影响应用程序上下文中执行某些未授权操作,也可能存在其他形式的攻击。WP cleanfix 2.4.4版本中存在漏洞,其他版本也可能受到影响。 | ||||||||||||||||||
http://wordpress.org/support/plugin/wp-cleanfix | ||||||||||||||||||
|
相关文章推荐
- WordPress WP-Print插件跨站请求伪造漏洞
- WordPress Related Posts插件跨站请求伪造漏洞
- WordPress DVS Custom Notification插件跨站请求伪造漏洞
- WordPress Related Posts by Zemanta插件跨站请求伪造漏洞
- WordPress Event Easy Calendar插件多个跨站请求伪造漏洞
- WordPress Content Slide插件跨站请求伪造漏洞
- WordPress Ultimate Auction插件跨站请求伪造漏洞
- WordPress post-views插件跨站请求伪造漏洞
- WordPress Simple Paypal Shopping Cart插件跨站请求伪造漏洞
- WordPress Shareaholic 插件跨站请求伪造漏洞
- WordPress qTranslate插件跨站请求伪造漏洞
- WordPress All in One Webmaster插件跨站请求伪造漏洞
- WordPress Mail On Update插件跨站请求伪造漏洞
- WordPress Digg Digg插件跨站请求伪造漏洞
- WordPress Easy AdSense Lite插件跨站请求伪造漏洞
- WordPress Citizen Space插件跨站请求伪造漏洞
- WordPress WP Cleanfix插件‘wpCleanFixAjax.php’远程PHP代码执行漏洞
- WordPress User Role Editor插件跨站请求伪造漏洞
- WordPress A Forms插件HTML注入漏洞和跨站请求伪造漏洞
- WordPress CMS Tree Page View插件跨站脚本请求伪造漏洞