Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. After that, when the system administrator generates CSV output from the forms information, there is no check on this inputs and the codes are executable.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Wordpress Plugin Easy Registration Forms 注入漏洞
Vulnerability Description
WordPress是WordPress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。Easy Registration Forms是一个用于实现表单效果的Wordpress插件。 Wordpress Plugin Easy Registration Forms (ER Forms) 2.0.6版本存在注入漏洞,该漏洞允许攻击者使用恶意CSV命令提交条目,导致执行恶意代码。
CVSS Information
N/A
Vulnerability Type
N/A