漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Include Me <= 1.2.1 - Authenticated Remote Code Execution (RCE) via LFI log poisoning
Vulnerability Description
The Include Me WordPress plugin through 1.2.1 is vulnerable to path traversal / local file inclusion, which can lead to Remote Code Execution (RCE) of the system due to log poisoning and therefore potentially a full compromise of the underlying structure
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
WordPress 路径遍历漏洞
Vulnerability Description
WordPress是WordPress(Wordpress)基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress插件 Include Me 存在路径遍历漏洞,该漏洞源于WordPress插件容易受到路径遍历本地文件包含的影响,这可能会导致系统的远程代码执行(RCE),因为日志中毒,因此可能会对底层结构造成完全的危害
CVSS Information
N/A
Vulnerability Type
N/A