关键信息 漏洞名称: WordPress Navigation Tree Elementor Plugin <= 1.0.1 is vulnerable to SQL Injection 优先级: High priority 受影响版本: <= 1.0.1 修复状态: No official fix available 风险: This vulnerability is highly dangerous and expected to become mass exploited. 漏洞类型: SQL Injection 描述: This could allow a malicious actor to directly interact with your database, including but not limited to stealing information. 解决方案: Automatically mitigate vulnerabilities and keep your websites safe. Patchstack has issued a virtual patch to mitigate this issue by blocking any attacks until an official fix becomes available. 时间线: - Reported by timomongaut on 25 Mar 2023 - Early warning sent to Patchstack customers on 26 Mar 2023 - Published by Patchstack on 27 Mar 2023