关键信息 漏洞名称: WordPress belingoGeo Plugin <= 1.12.0 is vulnerable to Arbitrary File Download 优先级: High priority CVSS评分: 7.5 风险: This vulnerability is highly dangerous and expected to become mass exploited. 影响版本: <= 1.12.0 修复状态: No official fix available 报告日期: 07 Apr 2025 发布时间: 11 May 2025 解决方案: Automatically mitigate vulnerabilities and keep your websites safe using Patchstack's virtual patch. 漏洞详情 类型: Arbitrary File Download 描述: This could allow a malicious actor to download any file from your website. This includes but is not limited to files that contain login credentials or backup files. 时间线 报告: 07 Apr 2025 by Nguyen Xuan Chien 早期预警: 09 May 2025 sent to Patchstack customers 发布: 11 May 2025 by Patchstock