尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
| 厂商 | 产品 | 影响版本 | CPE | 订阅 |
|---|---|---|---|---|
| wclovers | WCFM Membership – WooCommerce Memberships for Multivendor Marketplace | * ~ 2.10.0 | - |
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | The WCFM Membership plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including, 2.10.0 due to missing capability checks true the AJAX actions: wcfm-memberships, wcfm-memberships-manage, and wcfm-memberships-settings. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-4940.yaml | POC详情 |
未找到公开 POC。
登录以生成 AI POC| CVE-2022-4939 | 9.8 CRITICAL | WordPress plugin WCFM Marketplace 安全漏洞 |
| CVE-2022-4935 | 8.8 HIGH | WordPress plugin WCFM Marketplace SQL注入漏洞 |
| CVE-2022-4936 | 6.3 MEDIUM | WordPress plugin WCFM Marketplace 跨站请求伪造漏洞 |
| CVE-2022-4937 | 6.3 MEDIUM | WordPress plugin Frontend Manager 安全漏洞 |
| CVE-2022-4938 | 6.3 MEDIUM | WordPress plugin Frontend Manager 跨站请求伪造漏洞 |
| CVE-2022-4941 | 6.3 MEDIUM | WordPress plugin WCFM Marketplace 跨站请求伪造漏洞 |
暂无评论