Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Workreap < 2.6.4 - Subscriber+ Arbitrary Posts Deletion via IDOR
Vulnerability Description
The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the user issuing the request, or indeed that it is an addon service, when processing the workreap_addons_service_remove action, allowing any user to delete any post by knowing or guessing the id.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress theme Workreap 安全漏洞
Vulnerability Description
WordPress是WordPress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress theme是WordPress的一款主题。 WordPress theme Workreap 2.6.4之前版本存在安全漏洞。攻击者利用该漏洞可以删除任何帖子。
CVSS Information
N/A
Vulnerability Type
N/A