关键信息 漏洞名称: WordPress Ultimate AJAX Login Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF) 风险等级: Low priority 受影响版本: <= 1.2.1 官方修复: No official fix available 风险类型: CSRF (Cross Site Request Forgery) 风险描述: This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. 软件状态: This software is likely abandoned! It was last updated over a year ago and will likely not receive further updates or fixes. 解决方案: Remove and replace software. Note that deactivating the software does not remove the security threat unless vPatch is deployed. 详细信息: - Software: Ultimate AJAX Login - Type: Plugin - Vulnerable version: <= 1.2.1 - Fixed in: N/A 时间线: - Reported by: Nguyen Xuan Chien - Published by Patchstack: 08 September 2020