关键信息 漏洞概述 漏洞名称: WordPress Ovatheme Events Manager Plugin <= 1.7.5 is vulnerable to Arbitrary File Upload 优先级: High priority 受影响版本: <= 1.75 官方修复: No official fix available 风险 风险等级: Risk: 9 描述: This vulnerability is highly dangerous and expected to become mass exploited. 具体风险: Arbitrary File Upload - Allows a malicious actor to upload any type of file to your website, potentially leading to further access. 解决方案 建议: Mitigate or resolve the vulnerability immediately. Patchstack解决方案: Automatically mitigate vulnerabilities and keep your websites safe using virtual patching. 细节 软件: Ovatheme Events Manager 类型: Plugin 受影响版本: <= 1.75 时间线 报告者: Bonds 报告日期: Apr 2020 早期警告: Sent to Patchstack customers on 11 Jun 2020 发布日期: Published by Patchstack on 11 Jun 2020