关键信息 漏洞概述 漏洞名称: WordPress DoFollow Case by Case Plugin <= 3.5.1 is vulnerable to Cross Site Scripting (XSS) 风险等级: Low priority CVSS评分: 6.9 报告日期: 02 Apr 2025 发布日期: 07 May 2025 漏洞详情 受影响版本: <= 3.5.1 修复版本: No official fix available 漏洞类型: Cross Site Scripting (XSS) 风险描述 风险: This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. 软件状态: This software is likely abandoned! Last updated over a year ago. 解决方案 建议: Remove and replace software. This software was last updated over a year ago and will likely not receive further updates or fixes. 时间线 报告人: Nabil Irawan 发布时间: 07 May 2025 by Patchstack