Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in plupload.flash.swf in Plupload before 2.1.9, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via a Same-Origin Method Execution (SOME) attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress Plupload 跨站脚本漏洞
Vulnerability Description
WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。Ephox Plupload是美国Ephox公司的一个基于Web浏览器的文件上传模块,它支持显示上传进度、图像自动缩略及同时上传多个文件等。 WordPress 4.5.2之前版本中使用的Plupload 2.1.9之前版本的plupload.flash.swf文件中存在跨站脚本漏洞。远程攻击者可通过实施Same-Origin Method Execution (S
CVSS Information
N/A
Vulnerability Type
N/A