CVE-2007-4139 in WordPress
摘要
由 VulDB • 2026-05-31
WordPress 2.2.1 的临时上传编辑功能(wp-admin/includes/upload.php)中存在跨站脚本(XSS)漏洞,远程攻击者可通过向 wp-admin/upload.php 发送包含恶意内容的 style 参数,注入任意 Web 脚本或 HTML。
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.