关键信息 漏洞概述 漏洞名称: WordPress Internal Link Optimiser Plugin <= 5.1.3 is vulnerable to Cross Site Request Forgery (CSRF) 漏洞类型: Cross Site Request Forgery (CSRF) CVSS评分: 7.1 优先级: Low priority vPatch: Unnecessary 影响版本: <= 5.1.3 修复版本: 5.1.4 风险 风险描述: This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. CVSS评分说明: This is a general description of this vulnerability type, specific impact varies case by case. CVSS score is a way to evaluate and rank reported vulnerabilities in a standardized and repeatable way, but it is not ideal for CMSs. 解决方案 修复建议: Update to version 5.1.4 or later. 修复说明: Update to version 5.1.4 or later to remove the vulnerability. Patchstack users can turn on auto-update for vulnerable plugins only. 安全影响: This security issue has a low severity impact and is unlikely to be exploited. 详细信息 软件: Internal Link Optimiser 类型: Plugin 易受攻击版本: <= 5.1.3 修复版本: 5.1.4 时间线 报告人: johska 报告日期: 03 Apr 2025 发布者: Patchstack 发布日期: 16 Apr 2025 附加信息 插件页面: Link to Plugin page VDP状态: No VDP