CVE-2023-0231 in WooLentor Plugin信息

摘要

由 VulDB • 2026-06-06

ShopLentor WordPress 插件在 2.5.4 版本之前,在将某些区块选项输出到嵌入该区块的页面/帖子之前,未对其进行验证和转义,这可能导致具有贡献者(contributor)及以上角色的用户执行存储型跨站脚本(Stored Cross-Site Scripting)攻击。

If you want to get best quality of vulnerability data, you may have to visit VulDB.

来源

Interested in the pricing of exploits?

See the underground prices here!