WordPress JSmol2WP 漏洞列表

共找到 2 个与 WordPress JSmol2WP 相关的漏洞

📅 加载漏洞趋势中...

CVE-2018-20462: WordPress JSmol2WP <=1.07 - Cross-Site Scripting POC

日期: 2025-08-01 | 影响软件: WordPress JSmol2WP

WordPress JSmol2WP version 1.07 and earlier is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via the jsmol.php data parameter.
CVE-2018-20463: WordPress JSmol2WP <=1.07 - Local File Inclusion POC

日期: 2025-08-01 | 影响软件: WordPress JSmol2WP

WordPress JSmol2WP plugin 1.07 is susceptible to local file inclusion via ../ directory traversal in query=php://filter/resource= in the jsmol.php query string. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. This can also be exploited for server-side request forgery.