关键信息 漏洞名称: WordPress Infility Global Plugin <= 2.14.11 is vulnerable to Arbitrary File Download 优先级: High priority 受影响版本: <= 2.14.11 官方修复: No official fix available 风险: This vulnerability is highly dangerous and expected to become mass exploited. 漏洞类型: Arbitrary File Download 描述: This could allow a malicious actor to download any file from your website. This includes but is not limited to files that contain login credentials or backup files. 解决方案: Automatically mitigate vulnerabilities and keep your websites safe. Patchstack has issued a virtual patch to mitigate this issue by blocking any attacks until an official fix becomes available. 时间线: - Reported by Martino Spagnuolo (@3verii): 28 Mar 2023 - Early warning sent to Patchstack customers: 14 Aug 2023 - Published by Patchstack: 16 Aug 2023