Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ThirstyAffiliates < 3.9.3 - Authenticated Stored XSS
Vulnerability Description
Unvalidated input and lack of output encoding in the ThirstyAffiliates Affiliate Link Manager WordPress plugin, versions before 3.9.3, was vulnerable to authenticated Stored Cross-Site Scripting (XSS), which could lead to privilege escalation.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Wordpress ThirstyAffiliates 跨站脚本漏洞
Vulnerability Description
Wordpress ThirstyAffiliates是 (Wordpress)开源的一个应用插件。为博客提供了通过会员营销将其WordPress网站货币化所需的工具。 ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.9.3 存在跨站脚本漏洞,该漏洞源于未经验证的输入和缺乏输出编码很容易受到已验证存储跨站脚本(XSS)的攻击,导致特权升级。
CVSS Information
N/A
Vulnerability Type
N/A