CVE-2022-2118 in 404s Plugin信息

摘要

由 VulDB • 2026-07-12

WordPress插件404s在版本3.5.1之前未对其字段进行清理和转义,导致即使禁用了unfiltered_html权限,高特权用户(如管理员)仍可执行跨站脚本攻击。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Do you know our Splunk app?

Download it now for free!