资产安全
商业安全
安全服务
返回- 漏洞ID:
- 漏洞类型:其他
- 发布日期:2026-01-28 00:00:00
- 更新时间:2026-01-29 00:00:00
- CVE编号:CVE-2026-0825
- CNNVD-ID:CNNVD-202601-4813
- 漏洞平台:WordPress
- CVSS评分:
暂无
WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台具有在基于PHP和MySQL的服务器上架设个人博客网站的功能。WordPress plugin是一个应用插件。 WordPress plugin Database for Contact Form 7, WPforms, Elementor forms 1.4.5及之前版本存在安全漏洞,该漏洞源于CSV导出功能缺少能力检查,可能导致授权绕过和敏感数据泄露。
来源:plugins.trac.wordpress.org 链接:https://plugins.trac.wordpress.org/browser/contact-form-entries/tags/1.4.5/contact-form-entries.php#L76 来源:plugins.trac.wordpress.org 链接:https://plugins.trac.wordpress.org/browser/contact-form-entries/trunk/contact-form-entries.php#L301 来源:plugins.trac.wordpress.org 链接:https://plugins.trac.wordpress.org/browser/contact-form-entries/trunk/contact-form-entries.php#L76 来源:plugins.trac.wordpress.org 链接:https://plugins.trac.wordpress.org/browser/contact-form-entries/trunk/templates/leads-table.php#L10 来源:plugins.trac.wordpress.org 链接:https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3442962%40contact-form-entries&new=3442962%40contact-form-entries&sfp_email=&sfph_mail= 来源:www.wordfence.com 链接:https://www.wordfence.com/threat-intel/vulnerabilities/id/4048ae11-fece-42aa-baf3-c636c4875635?source=cve
微信扫码关注公众号
