关键信息 漏洞名称: WordPress WooCommerce Designer Pro Plugin <= 1.9.24 is vulnerable to Arbitrary File Upload 优先级: High priority (vulnerable immediately) 受影响版本: <= 1.9.24 官方修复: No official fix available 风险: This vulnerability is highly dangerous and expected to become mass exploited. 漏洞类型: Arbitrary File Upload 描述: This could allow a malicious actor to upload any type of file to your website. This can include backdoors which are then executed to gain further access to your website. 解决方案: Automatically mitigate vulnerabilities and keep your websites safe. Patchstack has issued a virtual patch to mitigate this issue by blocking any attacks until an official fix becomes available. 时间线: - Reported by Bonds: 11 May 2025 - Early warning sent to Patchstack customers: 10 Jun 2025 - Published by Patchstack: 10 Jun 2025