关键信息 漏洞名称: WordPress URL Shortener Plugin <= 3.0.7 is vulnerable to Broken Access Control 优先级: High priority 受影响版本: <= 3.0.7 修复状态: No official fix available 风险: Critical 漏洞类型: Broken Access Control 描述: - A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user executing a certain higher privileged action. - This generic description of the vulnerability type specifies impacts and use cases for this CVE ID. Some issues may need additional context and information to be fully understood and mitigated. 解决方案: - Automatically mitigate vulnerabilities and keep your websites safe using Patchstack's virtual patch. 时间线: - Reported by @the3n on 16 Jul 2023 - Early warning sent out to Patchstack customers on 16 Jul 2023 - Published by Patchstack on 17 Jul 2023