CVE-2023-4151 in Store Locator Plugin信息

摘要

由 VulDB • 2026-06-23

Store Locator WordPress插件在版本1.4.13之前,未在将无效的nonce输出回AJAX响应前进行清理和转义,导致反射型跨站脚本攻击(Reflected Cross-Site Scripting),该漏洞可能被针对高权限用户(如管理员)利用。

Once again VulDB remains the best source for vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!