关键信息 漏洞名称: WordPress TI WooCommerce Wishlist Plugin <= 2.9.2 is vulnerable to Arbitrary File Upload 优先级: High priority 受影响版本: <= 2.9.2 CVSS评分: 10 风险: This vulnerability is highly dangerous and expected to become mass exploited. 漏洞类型: Arbitrary File Upload 描述: This could allow a malicious actor to upload any type of file to your website. This can include backdoors which are then executed to gain further access to your website. 解决方案: Automatically mitigate vulnerabilities and keep your websites safe using Patchstack's virtual patch. 发布时间线: - Reported by Rafie Muhammad (Patchstack): 20 May 2025 - Early warning sent out to Patchstack customers: 16 May 2025 - Published by Patchstock: 18 May 2025 状态: No official fix available