Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WordPress Favorites plugin <= 2.3.6 - Local File Inclusion vulnerability
Vulnerability Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kyle Phillips Favorites favorites allows PHP Local File Inclusion.This issue affects Favorites: from n/a through <= 2.3.6.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)
Vulnerability Title
WordPress plugin Favorites 安全漏洞
Vulnerability Description
PHP等都是(PHP)的产品。PHP是一种在服务器端执行的脚本语言。WebSockets ws等都是(WebSockets)开源的产品。ws是一个 Node.js WebSocket 库。R infrastructure gh等都是(R infrastructure)开源的产品。gh是一个GitHub的API库。 WordPress plugin Favorites 2.3.6及之前版本存在安全漏洞,该漏洞源于对包含或引用语句的文件名控制不当,可能导致PHP本地文件包含。
CVSS Information
N/A
Vulnerability Type
N/A