漏洞描述
WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin LearnPress 4.2.7版本及之前版本存在跨站脚本漏洞,该漏洞源于包含一个存储型跨站脚本漏洞。
WordPress plugin LearnPress 跨站脚本漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2022-0271: LearnPress <4.1.6 - Cross-Site Scripting
- POC CVE-2022-45808: LearnPress Plugin < 4.2.0 - Unauthenticated Time-Based Blind SQLi
- POC CVE-2022-47615: LearnPress Plugin < 4.2.0 - Local File Inclusion
- POC CVE-2023-5558: LearnPress < 4.2.5.5 - Cross-Site Scripting
- POC CVE-2023-6567: LearnPress <= 4.2.5.7 - SQL Injection
- POC CVE-2023-6634: LearnPress < 4.2.5.8 - Remote Code Execution
- POC CVE-2024-4434: LearnPress WordPress LMS Plugin <= 4.2.6.5 - SQL Injection
- POC CVE-2024-8522: LearnPress < 4.2.7.1 - SQL Injection
- POC CVE-2024-8529: LearnPress < 4.2.7.1 - SQL Injection
- WordPress Plugin LearnPress SQL注入漏洞(CVE-2022-45808)
- WordPress Plugin LearnPress archive-course 文件包含漏洞(CVE-2022-47615)