Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting (XSS) attacks and steal cookies via the post parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress 管理面板 跨站请求伪造漏洞
Vulnerability Description
WordPress 2.1.1及之前版本的管理面板中存在跨站请求伪造漏洞。远程攻击者可以通过在wp-admin/post.php中使用删除vhucaozuo,以管理员的身份执行特权操作。注意:借助post参数,该漏洞可用于执行跨站脚本攻击和窃取cookies。
CVSS Information
N/A
Vulnerability Type
N/A