漏洞描述
WordPress Plugin email-subscribers 是一个用于管理电子邮件订阅的插件。该漏洞是由于插件在处理用户输入时未能正确过滤和验证,导致攻击者可以通过构造恶意的SQL语句,执行SQL注入攻击。成功利用此漏洞可能导致数据库信息泄露、数据篡改或进一步的系统入侵。
WordPress Plugin email-subscribers /wp-admin/admin-post.php advanced_filter SQL 注入漏洞(CVE-2024-2876)
PoC代码
暂无相关漏洞推荐
- 无POCWordPress plugin WP JobHunt 跨站脚本漏洞
- 无POCWordpress Plugin Ultimate Auction Pro /wp-admin/admin-ajax.php uwa_see_more_bids_ajax SQL 注入漏洞 (CVE-2025-4204)
- 无POCWordPress plugin Events Addon for Elementor 跨站脚本漏洞
- 无POCWordPress plugin Related Posts Lite 跨站请求伪造漏洞
- 无POCWordPress plugin TablePress 跨站脚本漏洞
- 无POCWordPress plugin Ocean Extra 跨站脚本漏洞
- POCCVE-2011-5106: WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting
- POCCVE-2012-1835: WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting
- POCCVE-2012-4242: WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting
- POCCVE-2012-6499: WordPress Plugin Age Verification v0.4 - Open Redirect
- POCCVE-2013-2287: WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting
- POCCVE-2013-4117: WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting
- POCCVE-2013-4625: WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting