CVE-2016-15004— InfiniteWP Client Plugin injection

InfiniteWP Client Plugin injection

A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. Upgrading to version 1.6.1.1 is able to address this issue. It is recommended to upgrade the affected component.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

输出中的特殊元素转义处理不恰当(注入)

Revmakx InfiniteWP Client Plugin 注入漏洞

Revmakx InfiniteWP Client Plugin是印度Revmakx公司的一个自托管系统。允许用户从他们自己的服务器管理无限数量的 WordPress 站点。 Revmakx InfiniteWP Client Plugin 1.5.1.3/1.6.0版本存在注入漏洞，该漏洞源于受影响的是一个未知功能，该操作可以导致注入，攻击可以远程发起，升级到1.6.1.1版本能够解决这个问题，建议升级受影响的组件。

N/A

N/A