Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Authenticated Cross site Scripting exists in the User Profile & Membership plugin before 2.0.11 for WordPress via the "Account Deletion Custom Text" input field on the wp-admin/admin.php?page=um_options§ion=account page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress User Profile&Membership插件跨站脚本漏洞
Vulnerability Description
WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。User Profile&Membership plugin是使用在其中的一个网站会员注册插件。 WordPress User Profile&Membership插件2.0.11之前版本中存在跨站脚本漏洞。远程攻击者可借助wp-admin/admin.php?page=um_options§ion=account页面的‘Account Deletion C
CVSS Information
N/A
Vulnerability Type
N/A