hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动
文件
cd808b4358e69644be957760687841c5bd47f64f
websafe-kb/08-threat-intel/registry/entities/wordpress.json

254 行
11 KiB
JSON
原始文件 Blame 文件历史

{
"entity_id": "wordpress",
"entity_type": "system",
"display_name": "WordPress",
"parent_entity_id": null,
"root_system_id": "wordpress",
"category": "cms",
"ecosystem": "cms",
"official": true,
"status": "cataloged",
"history_policy": "history-full",
"repo_url": "",
"package_registry": "",
"marketplace_url": "",
"latest_version": "7.9",
"version_scheme": "vendor",
"latest_release_at": "",
"latest_release_url": "https://wpscan.com/blog/object-injection-vulnerability-fixed-in-seopress-7-9/",
"version_source_refs": [
"https://wpscan.com/blog/object-injection-vulnerability-fixed-in-seopress-7-9/",
"https://patchstack.com/database/wordpress/plugin/ft-rockpress/vulnerability/wordpress-rockpress-plugin-1-0-17-missing-authorization-to-authenticated-subscriber-arbitrary-modification-via-ajax-actions-vulnerability",
"https://patchstack.com/database/wordpress/plugin/instant-popup-builder/vulnerability/wordpress-instant-popup-builder-plugin-1-1-7-unauthenticated-arbitrary-shortcode-execution-via-token-parameter-vulnerability",
"https://patchstack.com/database/wordpress/plugin/cm-custom-reports/vulnerability/wordpress-cm-custom-reports-plugin-1-2-7-authenticated-administrator-stored-cross-site-scripting-via-plugin-labels-vulnerability",
"https://patchstack.com/database/wordpress/plugin/wc-carta-docente/vulnerability/wordpress-ilghera-carta-docente-for-woocommerce-plugin-1-5-0-authenticated-administrator-path-traversal-to-arbitrary-file-deletion-via-cert-parameter-vulnerability",
"https://patchstack.com/database/wordpress/plugin/emailkit/vulnerability/wordpress-emailkit-plugin-1-6-3-authenticated-administrator-path-traversal-via-emailkit-editor-template-rest-api-parameter-vulnerability",
"https://patchstack.com/database/wordpress/plugin/simply-schedule-appointments/vulnerability/wordpress-appointment-booking-calendar-plugin-1-6-10-0-unauthenticated-sql-injection-via-fields-parameter-vulnerability",
"https://patchstack.com/database/wordpress/plugin/alt-manager/vulnerability/wordpress-image-alt-text-manager-plugin-1-8-2-authenticated-author-stored-cross-site-scripting-via-post-title-vulnerability",
"https://patchstack.com/database/wordpress/plugin/add-custom-fields-to-media/vulnerability/wordpress-add-custom-fields-to-media-plugin-2-0-3-cross-site-request-forgery-to-custom-field-deletion-via-delete-parameter-vulnerability",
"https://patchstack.com/database/wordpress/plugin/info-cards/vulnerability/wordpress-info-cards-plugin-2-0-7-authenticated-contributor-stored-cross-site-scripting-via-block-attributes-vulnerability",
"https://patchstack.com/database/wordpress/plugin/keep-backup-daily/vulnerability/wordpress-keep-backup-daily-plugin-2-1-1-authenticated-admin-limited-path-traversal-via-kbd-path-parameter-vulnerability",
"https://patchstack.com/database/wordpress/plugin/linksy-search-and-replace/vulnerability/wordpress-linksy-search-and-replace-plugin-1-0-4-missing-authorization-to-authenticated-subscriber-arbitrary-database-update-via-linksy-search-and-replace-item-details-vulnerability",
"https://patchstack.com/database/wordpress/plugin/scoreboard-for-html5-game-lite/vulnerability/wordpress-scoreboard-for-html5-games-lite-plugin-1-2-authenticated-contributor-stored-cross-site-scripting-via-shortcode-attributes-vulnerability",
"https://patchstack.com/database/wordpress/plugin/expire-users/vulnerability/wordpress-expire-users-plugin-1-2-2-authenticated-subscriber-privilege-escalation-to-administrator-via-save-extra-user-profile-fields-vulnerability",
"https://patchstack.com/database/wordpress/theme/jaroti/vulnerability/wordpress-jaroti-theme-1-4-8-reflected-cross-site-scripting-xss-vulnerability",
"https://patchstack.com/database/wordpress/plugin/optin/vulnerability/wordpress-wowoptin-next-gen-popup-maker-plugin-1-4-29-unauthenticated-server-side-request-forgery-via-link-parameter-in-rest-api-vulnerability",
"https://patchstack.com/database/wordpress/theme/loobek/vulnerability/wordpress-loobek-theme-1-5-2-reflected-cross-site-scripting-xss-vulnerability",
"https://patchstack.com/database/wordpress/theme/miti/vulnerability/wordpress-miti-theme-1-5-3-reflected-cross-site-scripting-xss-vulnerability",
"https://patchstack.com/database/wordpress/plugin/motta-addons/vulnerability/wordpress-motta-addons-plugin-1-6-1-reflected-cross-site-scripting-xss-vulnerability",
"https://patchstack.com/database/wordpress/plugin/faq-builder-ays/vulnerability/wordpress-faq-builder-ays-plugin-1-8-2-cross-site-scripting-xss-vulnerability"
],
"version_sync_status": "green",
"security_version_count": 54,
"last_version_synced_at": "2026-03-23T09:54:03+00:00",
"latest_version_evidence": [
"WPScan Vulnerability Database",
"Patchstack Database"
],
"catalog_source": "",
"catalog_reason": "",
"auto_cataloged": false,
"last_discovered_at": "2025-04-09T00:30:58+00:00",
"last_synced_at": "2025-04-09T00:30:58+00:00",
"history_backfill_status": "complete",
"latest_sync_status": "green",
"official_source_covered": true,
"advisory_count": 140,
"workflow_complete_advisory_count": 140,
"version_mapped_advisory_count": 0,
"first_advisory_at": "2004-12-31T05:00:00+00:00",
"latest_advisory_at": "2025-04-09T00:30:58+00:00",
"advisory_ids": [
"wordpress--06006e9fb7",
"wordpress--06a219901c",
"wordpress--10d0d8f3f9",
"wordpress--1129617837",
"wordpress--12cc024a36",
"wordpress--12fca2abea",
"wordpress--13ce5128b4",
"wordpress--148b831760",
"wordpress--14cf81010e",
"wordpress--159a635b11",
"wordpress--17030a8718",
"wordpress--1c6aa83433",
"wordpress--213ff5c60e",
"wordpress--23d14ed85a",
"wordpress--2cd6936b0a",
"wordpress--2e850b3e28",
"wordpress--2fe5e39d3a",
"wordpress--3094ee5dd1",
"wordpress--30bd187991",
"wordpress--33d0089d9b",
"wordpress--37e9df8b25",
"wordpress--38e031b62a",
"wordpress--3f7222ce61",
"wordpress--490100c57e",
"wordpress--4dc1ee03ad",
"wordpress--57d5f9df5e",
"wordpress--58792b4ae0",
"wordpress--59276ee314",
"wordpress--59d89f1230",
"wordpress--5b7e6857ed",
"wordpress--5dd8f12e11",
"wordpress--5e0f0aa282",
"wordpress--5e2c6a493e",
"wordpress--5f95d49feb",
"wordpress--60c101bf41",
"wordpress--63066ed17e",
"wordpress--633cea0b87",
"wordpress--65236a70e8",
"wordpress--6850d32ee1",
"wordpress--69a8f91df1",
"wordpress--69bed74e7a",
"wordpress--6a726d41d8",
"wordpress--6d631adfc0",
"wordpress--6f46717425",
"wordpress--737216664c",
"wordpress--76d8cacd47",
"wordpress--79882b1d53",
"wordpress--7a096bdecd",
"wordpress--7a0d2f5c04",
"wordpress--80760b9e99",
"wordpress--8654fd6af7",
"wordpress--88079feb95",
"wordpress--8a3a3a86d7",
"wordpress--8aac20fdae",
"wordpress--8be181bdf7",
"wordpress--8f1d763e2e",
"wordpress--90ac8d52d0",
"wordpress--93ef1b52ba",
"wordpress--9a8ddc580f",
"wordpress--9afa4252ce",
"wordpress--9b87475497",
"wordpress--9cce67b3aa",
"wordpress--CVE-2004-1559",
"wordpress--CVE-2004-1584",
"wordpress--CVE-2005-1102",
"wordpress--CVE-2005-1687",
"wordpress--CVE-2005-1688",
"wordpress--CVE-2005-1810",
"wordpress--CVE-2005-1921",
"wordpress--CVE-2005-2107",
"wordpress--CVE-2005-2108",
"wordpress--CVE-2005-2109",
"wordpress--CVE-2005-2110",
"wordpress--CVE-2005-2612",
"wordpress--CVE-2005-3330",
"wordpress--CVE-2005-4463",
"wordpress--CVE-2006-0733",
"wordpress--CVE-2006-0985",
"wordpress--CVE-2006-0986",
"wordpress--CVE-2006-1012",
"wordpress--CVE-2006-1263",
"wordpress--CVE-2006-1796",
"wordpress--CVE-2006-2667",
"wordpress--CVE-2006-2702",
"wordpress--CVE-2006-3389",
"wordpress--CVE-2006-3390",
"wordpress--CVE-2006-4028",
"wordpress--CVE-2006-4208",
"wordpress--CVE-2006-4743",
"wordpress--CVE-2006-5705",
"wordpress--CVE-2006-6016",
"wordpress--CVE-2006-6017",
"wordpress--CVE-2006-6808",
"wordpress--CVE-2006-6863",
"wordpress--CVE-2007-0106",
"wordpress--CVE-2007-0107",
"wordpress--CVE-2007-0109",
"wordpress--CVE-2007-0233",
"wordpress--CVE-2007-0262",
"wordpress--CVE-2007-0539",
"wordpress--CVE-2007-0540",
"wordpress--CVE-2007-0541",
"wordpress--CVE-2007-1049",
"wordpress--CVE-2007-1230",
"wordpress--CVE-2007-1244",
"wordpress--CVE-2007-1277",
"wordpress--CVE-2007-1409",
"wordpress--CVE-2007-1599",
"wordpress--CVE-2007-1622",
"wordpress--CVE-2007-1732",
"wordpress--CVE-2007-1893",
"wordpress--CVE-2007-1894",
"wordpress--a4f0e68ab5",
"wordpress--af099a61a6",
"wordpress--af95f34447",
"wordpress--b467539b2c",
"wordpress--b481717d30",
"wordpress--b92a24e31a",
"wordpress--bbd4d9a5ed",
"wordpress--bc834bfe64",
"wordpress--c23a850ec3",
"wordpress--c346c10a12",
"wordpress--c3e95dab52",
"wordpress--c8dbf74c29",
"wordpress--cac928e94b",
"wordpress--d24a559b69",
"wordpress--d4a95ae26d",
"wordpress--da71cecbfb",
"wordpress--db166494f5",
"wordpress--dbc90eee65",
"wordpress--dc4426e2f6",
"wordpress--e61c231e8b",
"wordpress--e6d2a6b634",
"wordpress--eda217cbfb",
"wordpress--eddfccd91d",
"wordpress--ee42b86359",
"wordpress--ef12da29f9",
"wordpress--fea9c161bb",
"wordpress--feb9fe6fdd",
"wordpress--ffa886d3ac"
],
"source_refs": [
{
"name": "WordPress Security News RSS",
"url": "https://wordpress.org/news/category/security/feed/",
"kind": "rss-feed",
"status": "active",
"bucket": "official_sources",
"official": true
},
{
"name": "NVD WordPress",
"url": null,
"kind": "nvd-search",
"status": "retired",
"bucket": "official_sources",
"official": true
},
{
"name": "Wordfence Vulnerability Database",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/",
"kind": "html-links",
"status": "active",
"bucket": "ecosystem_sources",
"official": false
},
{
"name": "Patchstack Database",
"url": "https://patchstack.com/database/",
"kind": "html-links",
"status": "active",
"bucket": "ecosystem_sources",
"official": false
},
{
"name": "WPScan Vulnerability Database",
"url": "https://wpscan.com/blog/",
"kind": "html-links",
"status": "active",
"bucket": "ecosystem_sources",
"official": false
},
{
"name": "PortSwigger Research",
"url": "https://portswigger.net/research",
"kind": "html-links",
"status": "active",
"bucket": "research_sources",
"official": false
}
]
}
在新工单中引用 查看 Git Blame 复制永久链接