关键信息 漏洞概述 漏洞名称: WordPress BM Content Builder Plugin < 3.16.3.3 is vulnerable to Arbitrary File Deletion 优先级: Medium priority 受影响版本: < 3.16.3.3 修复版本: 3.16.3.3 风险 CVE编号: CVE-2022-45877 风险描述: This vulnerability is moderately dangerous and expected to become exploited. 具体风险: Arbitrary File Deletion - A malicious actor could delete files from your website, potentially causing it to break and stop functioning. 解决方案 1. 自动缓解漏洞: Patchstack has issued a virtual patch to mitigate this issue by blocking any attacks until you have updated to a fixed version. 2. 更新版本: Update to version 3.16.3.3 or later to remove the vulnerability. 时间线 报告日期: 27th September 2022 早期预警发送给Patchstack客户: 27th September 2022 发布日期: 28th September 2022 其他信息 插件类型: Plugin 软件名称: BM Content Builder 修复版本: 3.16.3.3