CVE-2008-5278 in WordPress信息

摘要

由 VulDB • 2026-06-07

WordPress 2.6.5 之前版本中 RSS Feed Generator(wp-includes/feed.php)的 self_link 函数存在跨站脚本(XSS)漏洞,远程攻击者可通过 Host 头(HTTP_HOST 变量)注入任意 Web 脚本或 HTML。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Interested in the pricing of exploits?

See the underground prices here!