关键信息 漏洞名称: WordPress Wordapp Plugin <= 1.7.0 is vulnerable to Broken Access Control 优先级: Low priority (which unreasonably) 受影响版本: <= 1.7.0 官方修复: No official fix available 风险: CVSS v3.1 - Broken Access Control: A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user executing a certain higher privileged action. 警告: This software is likely abandoned! This software was last updated over a year ago and will likely not receive further updates or fixes. Urgently consider replacing the software with an alternative. 解决方案: Remove and replace software. This security issue has a low severity impact and is unlikely to be exploited. 详细信息: - 软件: Wordapps - 类型: Plugin - 易受攻击的版本: <= 1.7.0 - 发现日期: N/A 时间线: - 报告者: HiLog - 报告日期: 29 Apr 2020 - 发布者: Patchstack - 发布日期: 15 Jun 2020