更新: 489 个文件 - 2026-03-26 16:06:46
这个提交包含在:
hao
@@ -12,10 +12,10 @@
|
||||
"repo_url": "",
|
||||
"package_registry": "",
|
||||
"marketplace_url": "",
|
||||
"latest_version": "27.1.1",
|
||||
"latest_version": "51.1.49",
|
||||
"version_scheme": "vendor",
|
||||
"latest_release_at": "",
|
||||
"latest_release_url": "https://patchstack.com/database/wordpress/plugin/wordpress-seo/vulnerability/wordpress-yoast-seo-plugin-27-1-1-authenticated-contributor-stored-cross-site-scripting-via-jsontext-block-attribute-vulnerability",
|
||||
"latest_release_url": "https://patchstack.com/database/wordpress/plugin/king-addons/vulnerability/wordpress-king-addons-for-elementor-plugin-51-1-49-unauthenticated-api-keys-disclosure-vulnerability",
|
||||
"version_source_refs": [
|
||||
"https://wpscan.com/blog/object-injection-vulnerability-fixed-in-seopress-7-9/",
|
||||
"https://patchstack.com/database/wordpress/plugin/ft-rockpress/vulnerability/wordpress-rockpress-plugin-1-0-17-missing-authorization-to-authenticated-subscriber-arbitrary-modification-via-ajax-actions-vulnerability",
|
||||
@@ -47,14 +47,26 @@
|
||||
"https://patchstack.com/database/wordpress/plugin/wp-webauthn/vulnerability/wordpress-wp-webauthn-plugin-1-3-4-unauthenticated-stored-cross-site-scripting-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/arforms-form-builder/vulnerability/wordpress-arforms-plugin-1-7-2-unauthenticated-blind-arbitrary-shortcode-execution-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/postaffiliatepro/vulnerability/wordpress-post-affiliate-pro-plugin-1-28-0-authenticated-administrator-server-side-request-forgery-via-post-affiliate-pro-url-field-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/import-users-from-csv-with-meta/vulnerability/wordpress-import-and-export-users-and-customers-plugin-1-29-7-privilege-escalation-to-administrator-via-save-extra-user-profile-fields-vulnerability"
|
||||
"https://patchstack.com/database/wordpress/plugin/import-users-from-csv-with-meta/vulnerability/wordpress-import-and-export-users-and-customers-plugin-1-29-7-privilege-escalation-to-administrator-via-save-extra-user-profile-fields-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/king-addons/vulnerability/wordpress-king-addons-for-elementor-plugin-51-1-49-unauthenticated-api-keys-disclosure-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/ultimate-shortcodes-creator/vulnerability/wordpress-shortcodes-blocks-creator-ultimate-plugin-2-2-0-reflected-cross-site-scripting-via-page-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/ultimate-shortcodes-creator/vulnerability/wordpress-shortcodes-blocks-creator-ultimate-plugin-2-2-0-reflected-cross-site-scripting-via-wpnonce-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-plugin-2-4-8-unauthenticated-sql-injection-via-radius-parameter-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/wp-graphql/vulnerability/wordpress-wpgraphql-plugin-2-9-1-broken-access-control-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/woo-product-filter/vulnerability/wordpress-product-filter-for-woocommerce-by-wbw-plugin-3-1-2-missing-authorization-to-unauthenticated-filter-data-deletion-via-truncate-table-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/shapepress-dsgvo/vulnerability/wordpress-wp-dsgvo-tools-gdpr-plugin-3-1-38-missing-authorization-to-unauthenticated-account-destruction-of-non-admin-users-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/jetformbuilder/vulnerability/wordpress-jetformbuilder-plugin-3-5-6-2-unauthenticated-arbitrary-file-read-via-media-field-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/sina-extension-for-elementor/vulnerability/wordpress-sina-extension-for-elementor-plugin-3-7-0-authenticated-contributor-stored-cross-site-scripting-via-fancy-text-widget-and-countdown-widget-vulnerability",
|
||||
"https://patchstack.com/database/wordpress/plugin/jet-engine/vulnerability/wordpress-jetengine-plugin-3-8-6-1-unauthenticated-sql-injection-via-listing-grid-filtered-query-parameter-vulnerability",
|
||||
"https://wordpress.org/news/2025/06/dropping-security-updates-for-wordpress-versions-4-1-through-4-6/"
|
||||
],
|
||||
"version_sync_status": "green",
|
||||
"security_version_count": 54,
|
||||
"last_version_synced_at": "2026-03-24T09:18:11+00:00",
|
||||
"security_version_count": 55,
|
||||
"last_version_synced_at": "2026-03-26T10:20:27+00:00",
|
||||
"latest_version_evidence": [
|
||||
"WPScan Vulnerability Database",
|
||||
"Patchstack Database"
|
||||
"Patchstack Database",
|
||||
"WordPress Security News RSS"
|
||||
],
|
||||
"catalog_source": "",
|
||||
"catalog_reason": "",
|
||||
|
||||
在新工单中引用
屏蔽一个用户