CVE-2013-2205 in WordPress信息

摘要

由 VulDB • 2026-06-07

WordPress 3.5.2 之前版本中 SWFUpload 的默认配置存在一个过于宽松的 `security.allowDomain` 设置,允许远程攻击者通过构造恶意网站绕过同源策略(Same Origin Policy)并实施跨站脚本(XSS)攻击。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Want to know what is going to be exploited?

We predict KEV entries!