Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Patreon WordPress < 1.7.2 - Reflected XSS on Login Form
Vulnerability Description
The Jetpack Scan team identified a Reflected Cross-Site Scripting in the Login Form of the Patreon WordPress plugin before 1.7.2. The WordPress login form (wp-login.php) is hooked by the plugin and offers to allow users to authenticate on the site using their Patreon account. Unfortunately, some of the error logging logic behind the scene allowed user-controlled input to be reflected on the login page, unsanitized.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
WordPress 插件 跨站脚本漏洞
Vulnerability Description
WordPress 插件是WordPress开源的一个应用插件。 WordPress 插件 Patreon 1.7.2版本之前存在跨站脚本漏洞,该漏洞会使未经过滤的用户输入显示在登录页面。
CVSS Information
N/A
Vulnerability Type
N/A