漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Slider by 10Web < 1.2.36 - Multiple Authenticated SQL Injection
Vulnerability Description
The Slider by 10Web WordPress plugin, versions before 1.2.36, in the bulk_action, export_full and save_slider_db functionalities of the plugin were vulnerable, allowing a high privileged user (Admin), or medium one such as Contributor+ (if "Role Options" is turn on for other users) to perform a SQL Injection attacks.
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Wordpress Slider by 10Web SQL注入漏洞
Vulnerability Description
Wordpress Slider by 10Web是 (Wordpress)开源的一个应用插件。提供一种通用的解决方案,可向网站页面,帖子,主题标题或任何其他位置添加快速加载,响应迅速且SEO友好的滑块。 Slider by 10Web WordPress plugin before 1.2.36 存在SQL注入漏洞,该漏洞允许一个高特权用户执行SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A