WordPress 4.2.0-4.5.1 flashmediaelement.swf 反射型 XSS 漏洞

Basic Fields

SSV ID:
SSV-91515
Find Time:
Unknown
Submit Time:
2016-05-10
Level:
Category:
跨站脚本
Component:
WordPress
(4.2.0<=version<=4.5.1 )
Author:
Unknown
Submitter:
Knownsec
CVE-ID:
Add
CNNVD-ID:
Add
CNVD-ID:
Add
ZoomEye Dork:
Add

Source

Detail

Contributor Knownsec Got  0.2KB
Loading icon
have 1  exchange

PoC (pocsuite 插件) (pocsuite 插件)

Contributor Fooying totally have   6.15KB
Login to exchange

Vimpo fly520 etc 28 Exchange

Reference Linking

Solutions

Temp Solutions

Official Solution

Defense Solutions

Popularity 6821
Need to bind phone before comment. Bind Now

All Comments (1)

  • fooying
    通过下载4.2到4.51所有版本的wordpress,获取存在漏洞文件的MD5值,更新了匹配MD5值列表
    1F

※Any content provided by this site, only to learn the code and services, not for illegal purposes