关键信息 漏洞名称: WordPress Multi-language Responsive Contact Form Plugin <= 2.8 is vulnerable to Broken Access Control 优先级: High priority 受影响版本: <= 2.8 修复状态: No official fix available 风险: This vulnerability is highly dangerous and expected to become mass exploited. 漏洞类型: Broken Access Control 描述: A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user executing a certain higher privileged action. 解决方案: Patchstack has issued a virtual patch to mitigate this issue by blocking any attacks until an official fix becomes available. 时间线: - Reported by @the3n on April 19, 2023 - Early warning sent out to Patchstack customers on July 6, 2023 - Published by Patchstack on July 6, 2023