CVE-2007-4139 in WordPress信息

摘要

由 VulDB • 2026-05-31

WordPress 2.2.1 的临时上传编辑功能(wp-admin/includes/upload.php)中存在跨站脚本(XSS)漏洞,远程攻击者可通过向 wp-admin/upload.php 发送包含恶意内容的 style 参数,注入任意 Web 脚本或 HTML。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!