Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the Accordion plugin before 2.2.9 for WordPress. The unprotected AJAX wp_ajax_accordions_ajax_import_json action allowed any authenticated user with Subscriber or higher permissions the ability to import a new accordion and inject malicious JavaScript as part of the accordion.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress Accordion 跨站脚本漏洞
Vulnerability Description
WordPress是WordPress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。Accordion是使用在其中的一个用于创建响应式内容的插件。 WordPress Accordion 2.2.9之前版本中的AJAX wp_ajax_accordions_ajax_import_json操作存在跨站脚本漏洞。攻击者可利用该漏洞导入新的折叠面板并向其中注入恶意的JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A