从这个网页截图中,可以获取到以下关于漏洞的关键信息: 1. 漏洞类型: - Community by PeepSo - Social Network, Membership, Registration, User Profiles, Premium - Mobile App <= 6.4.6.2 - Reflected Cross-Site Scripting 2. 漏洞描述: - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - CVE-2024-11447 - CVSS 6.1 (Medium) - Publicly Published: November 20, 2024 - Last Updated: November 21, 2024 - Researcher: rajanhoyr 3. 漏洞影响: - No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement. 4. 受影响的版本: - <= 6.4.6.2 5. 参考链接: - plugins.trac.wordpress.org - plugins.trac.wordpress.org - plugins.trac.wordpress.org 6. 漏洞详情: - Community by PeepSo - Download from PeepSo.com 7. 修复建议: - No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement. 8. 版权和许可信息: - Copyright 2012-2024 Defiant Inc. - Copyright 1999-2024 The MITRE Corporation 9. 联系方式: - wfr-support@wordfence.com 10. 其他信息: - Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database. - Want to get notified of the latest vulnerabilities that may affect your WordPress site? Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database. - The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.