漏洞描述
WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin Job Board Manager 2.1.59版本及之前版本存在跨站请求伪造漏洞,该漏洞源于包含一个跨站请求伪造 (CSRF) 漏洞。
WordPress plugin Job Board Manager 跨站请求伪造漏洞
PoC代码
暂无相关漏洞推荐
- 建文工程项目管理软件 /api/api/APM/KPI/PMDashBoard/ProjectMap SQL 注入漏洞
- POC CVE-2017-14725: WordPress < 4.8.2 - Authenticated Open Redirect
- POC CVE-2017-17092: WordPress < 4.9.1 - Authenticated JavaScript File Upload
- POC CVE-2025-61757: Oracle Identity Manager REST WebServices - Authentication Bypass
- POC wp-security-hidden-login-exposure: WordPress All-in-One Security <=4.4.1 - Hidden Login Page Exposure
- AstrBot /api/plugin/install-upload 命令执行漏洞(CVE-2025-55449)
- WordPress Kognetiks Chatbot for WordPress <= 2.0.0 任意文件上传漏洞
- POC CVE-2024-37656: GnuBoard5 5.5.16 - Open Redirect
- WordPress Verbalize WP 存在任意文件上传漏洞(CVE-2024-49668)
- POC CVE-2021-4374: WordPress Automatic Plugin - Unauthenticated Options Change
- POC CVE-2025-11749: WordPress AI Engine Plugin - Token Exposure
- 月子会所ERP /Page/SalerManager/ashx/BindRoomListData.ashx RoomType SQL 注入漏洞
- WordPress WooCommerce Designer Pro 插件 /wp-admin/admin-ajax.php wcdp_save_canvas_design_ajax 文件上传漏洞(CVE-2025-6440)