更新: 269 个文件 - 2026-03-30 03:53:37

08-threat-intel/registry/entities/wordpress.json

@@ -12,10 +12,10 @@
   "repo_url": "",
   "package_registry": "",
   "marketplace_url": "",
-  "latest_version": "28.1.5",
+  "latest_version": "9.1.2",
   "version_scheme": "vendor",
   "latest_release_at": "",
-  "latest_release_url": "https://patchstack.com/database/wordpress/plugin/contest-gallery/vulnerability/wordpress-contest-gallery-plugin-28-1-5-unauthenticated-privilege-escalation-admin-account-takeover-via-registration-confirmation-email-to-id-type-confusion-vulnerability",
+  "latest_release_url": "https://patchstack.com/database/wordpress/plugin/ameliabooking/vulnerability/wordpress-amelia-booking-pro-plugin-9-1-2-authenticated-customer-insecure-direct-object-reference-to-arbitrary-user-password-change-vulnerability",
   "version_source_refs": [
     "https://wpscan.com/blog/object-injection-vulnerability-fixed-in-seopress-7-9/",
     "https://patchstack.com/database/wordpress/plugin/ft-rockpress/vulnerability/wordpress-rockpress-plugin-1-0-17-missing-authorization-to-authenticated-subscriber-arbitrary-modification-via-ajax-actions-vulnerability",
@@ -66,11 +66,19 @@
     "https://patchstack.com/database/wordpress/plugin/quick-adsense-reloaded/vulnerability/wordpress-quads-ads-manager-for-google-adsense-plugin-2-0-98-1-authenticated-contributor-stored-cross-site-scripting-via-multiple-ad-metadata-parameters-vulnerability",
     "https://patchstack.com/database/wordpress/plugin/pepro-ultimate-invoice/vulnerability/wordpress-peprodev-ultimate-invoice-plugin-2-2-6-unauthenticated-invoice-archive-download-vulnerability",
     "https://patchstack.com/database/wordpress/plugin/simple-download-counter/vulnerability/wordpress-simple-download-counter-plugin-2-3-authenticated-contributor-stored-cross-site-scripting-via-text-shortcode-attribute-vulnerability",
-    "https://patchstack.com/database/wordpress/plugin/dsgvo-leaflet-map/vulnerability/wordpress-dsgvo-snippet-for-leaflet-map-and-its-extensions-plugin-3-1-authenticated-contributor-stored-cross-site-scripting-via-unset-attribute-vulnerability"
+    "https://patchstack.com/database/wordpress/plugin/dsgvo-leaflet-map/vulnerability/wordpress-dsgvo-snippet-for-leaflet-map-and-its-extensions-plugin-3-1-authenticated-contributor-stored-cross-site-scripting-via-unset-attribute-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/ameliabooking/vulnerability/wordpress-amelia-booking-pro-plugin-9-1-2-authenticated-customer-insecure-direct-object-reference-to-arbitrary-user-password-change-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/conditional-menus/vulnerability/wordpress-conditional-menus-plugin-1-2-6-cross-site-request-forgery-to-menu-options-update-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/twentig/vulnerability/wordpress-twentig-plugin-1-9-7-authenticated-contributor-stored-cross-site-scripting-via-featuredimagesizewidth-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/learning-management-system/vulnerability/wordpress-masteriyo-lms-plugin-2-1-6-missing-authorization-to-authenticated-student-privilege-escalation-to-administrator-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-plugin-2-4-9-authenticated-subscriber-arbitrary-file-deletion-via-resume-custom-file-field-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/sureforms/vulnerability/wordpress-sureforms-plugin-2-5-2-unauthenticated-payment-amount-validation-bypass-via-form-id-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/trx_addons/vulnerability/wordpress-themerex-addons-plugin-2-38-5-unauthenticated-arbitrary-file-upload-vulnerability",
+    "https://patchstack.com/database/wordpress/plugin/js-support-ticket/vulnerability/wordpress-js-help-desk-ai-powered-support-ticketing-system-plugin-3-0-4-unauthenticated-sql-injection-via-multiformid-parameter-vulnerability"
   ],
   "version_sync_status": "green",
-  "security_version_count": 55,
-  "last_version_synced_at": "2026-03-29T10:50:47+00:00",
+  "security_version_count": 56,
+  "last_version_synced_at": "2026-03-30T09:18:18+00:00",
   "latest_version_evidence": [
     "WPScan Vulnerability Database",
     "Patchstack Database",