更新: 413 个文件 - 2026-03-24 03:45:07

2026-03-24 03:45:08 -07:00
--- a/08-threat-intel/registry/entities/wordpress.json
+++ b/08-threat-intel/registry/entities/wordpress.json
@@ -12,10 +12,10 @@
  "repo_url": "",
  "package_registry": "",
  "marketplace_url": "",
-  "latest_version": "7.9",
+  "latest_version": "27.1.1",
  "version_scheme": "vendor",
  "latest_release_at": "",
-  "latest_release_url": "https://wpscan.com/blog/object-injection-vulnerability-fixed-in-seopress-7-9/",
+  "latest_release_url": "https://patchstack.com/database/wordpress/plugin/wordpress-seo/vulnerability/wordpress-yoast-seo-plugin-27-1-1-authenticated-contributor-stored-cross-site-scripting-via-jsontext-block-attribute-vulnerability",
  "version_source_refs": [
    "https://wpscan.com/blog/object-injection-vulnerability-fixed-in-seopress-7-9/",
    "https://patchstack.com/database/wordpress/plugin/ft-rockpress/vulnerability/wordpress-rockpress-plugin-1-0-17-missing-authorization-to-authenticated-subscriber-arbitrary-modification-via-ajax-actions-vulnerability",
@@ -36,11 +36,22 @@
    "https://patchstack.com/database/wordpress/theme/loobek/vulnerability/wordpress-loobek-theme-1-5-2-reflected-cross-site-scripting-xss-vulnerability",
    "https://patchstack.com/database/wordpress/theme/miti/vulnerability/wordpress-miti-theme-1-5-3-reflected-cross-site-scripting-xss-vulnerability",
    "https://patchstack.com/database/wordpress/plugin/motta-addons/vulnerability/wordpress-motta-addons-plugin-1-6-1-reflected-cross-site-scripting-xss-vulnerability",
-    "https://patchstack.com/database/wordpress/plugin/faq-builder-ays/vulnerability/wordpress-faq-builder-ays-plugin-1-8-2-cross-site-scripting-xss-vulnerability"
+    "https://patchstack.com/database/wordpress/plugin/faq-builder-ays/vulnerability/wordpress-faq-builder-ays-plugin-1-8-2-cross-site-scripting-xss-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/wordpress-seo/vulnerability/wordpress-yoast-seo-plugin-27-1-1-authenticated-contributor-stored-cross-site-scripting-via-jsontext-block-attribute-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/vagaro-booking-widget/vulnerability/wordpress-vagaro-booking-widget-plugin-0-3-unauthenticated-stored-cross-site-scripting-via-vagaro-code-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/rexcrawler/vulnerability/wordpress-rexcrawler-plugin-1-0-15-reflected-cross-site-scripting-via-url-and-regex-parameters-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/wpfaqblock/vulnerability/wordpress-wpfaqblock-faq-accordion-plugin-for-gutenberg-plugin-1-1-authenticated-contributor-stored-cross-site-scripting-via-class-shortcode-attribute-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/gallery-for-ultimate-member/vulnerability/wordpress-video-photo-gallery-for-ultimate-member-plugin-1-1-1-reflected-cross-site-scripting-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/alfie-the-productfeedtool-wp-plugin/vulnerability/wordpress-alfie-feed-plugin-plugin-1-2-1-cross-site-request-forgery-to-stored-cross-site-scripting-via-naam-parameter-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/comment-genius/vulnerability/wordpress-comment-genius-plugin-1-2-5-reflected-cross-site-scripting-via-server-php-self-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/wp-webauthn/vulnerability/wordpress-wp-webauthn-plugin-1-3-4-unauthenticated-stored-cross-site-scripting-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/arforms-form-builder/vulnerability/wordpress-arforms-plugin-1-7-2-unauthenticated-blind-arbitrary-shortcode-execution-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/postaffiliatepro/vulnerability/wordpress-post-affiliate-pro-plugin-1-28-0-authenticated-administrator-server-side-request-forgery-via-post-affiliate-pro-url-field-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/import-users-from-csv-with-meta/vulnerability/wordpress-import-and-export-users-and-customers-plugin-1-29-7-privilege-escalation-to-administrator-via-save-extra-user-profile-fields-vulnerability"
  ],
  "version_sync_status": "green",
  "security_version_count": 54,
-  "last_version_synced_at": "2026-03-23T09:54:03+00:00",
+  "last_version_synced_at": "2026-03-24T09:18:11+00:00",
  "latest_version_evidence": [
    "WPScan Vulnerability Database",
    "Patchstack Database"