关键信息 漏洞名称: WordPress StyleAI Plugin <= 1.0.4 is vulnerable to Broken Access Control 优先级: Medium priority 受影响版本: <= 1.0.4 修复状态: No official fix available 风险: This vulnerability is moderately dangerous and expected to become exploited. 漏洞类型: Broken Access Control 描述: A broken access control issue refers to a missing authorization, authentication or nonce token check on a function that could lead to an unprivileged user to executing a certain higher privileged action. 解决方案: Automatically mitigate vulnerabilities and keep your websites safe. Patchstack has issued a virtual patch to mitigate this issue by blocking any attacks until an official fix becomes available. 时间线: - Reported by chMe On: 16 Apr 2025 - Early warning sent out to Patchstack customers: 22 May 2025 - Published by Patchstack: 23 May 2025