AccessAlly 漏洞列表

共找到 2 个与 AccessAlly 相关的漏洞

📅 加载漏洞趋势中...

CVE-2021-24226: AccessAlly <3.5.7 - Sensitive Information Leakage POC

日期: 2025-08-01 | 影响软件: AccessAlly

WordPress AccessAlly plugin before 3.5.7 allows sensitive information leakage because the file \"resource/frontend/product/product-shortcode.php\" (which is responsible for the [accessally_order_form] shortcode) dumps serialize($_SERVER), which contains all environment variables. The leakage occurs on all public facing pages containing the [accessally_order_form] shortcode, and no login or administrator role is required.
CVE-2021-24226: AccessAlly <3.5.7 - Sensitive Information Leakage POC

日期: 2025-08-01 | 影响软件: AccessAlly

WordPress AccessAlly plugin before 3.5.7 allows sensitive information leakage because the file \"resource/frontend/product/product-shortcode.php\" (which is responsible for the [accessally_order_form] shortcode) dumps serialize($_SERVER), which contains all environment variables. The leakage occurs on all public facing pages containing the [accessally_order_form] shortcode, and no login or administrator role is required.