Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cost Calculator <= 1.6 - Authenticated Local File Inclusion
Vulnerability Description
The Cost Calculator WordPress plugin through 1.6 allows authenticated users (Contributor+ in versions < 1.5, and Admin+ in versions <= 1.6) to perform path traversal and local PHP file inclusion on Windows Web Servers via the Cost Calculator post's Layout
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
WordPress plugin Cost Calculator 路径遍历漏洞
Vulnerability Description
WordPress是Wordpress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是WordPress开源的一个应用插件。 WordPress plugin Cost Calculator 存在路径遍历漏洞,该漏洞源于1.4版本的成本计算器WordPress插件允许角色低至贡献者的用户通过成本计算器发布的布局在Windows Web服务器上执行路径遍历和本地PHP文件包含。
CVSS Information
N/A
Vulnerability Type
N/A