漏洞类别:CGI
漏洞等级: 
漏洞信息
WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. Ultimate Form Builder Lite is a WordPress Plugin which allows you to create various contact forms with drag and drop form builder.
Affected Versions:
Ultimate Form Builder Lite versions prior to 1.3.7
QID Detection Logic:
This unauthenticated detection depends on the BlindElephant engine to detect the version of the Ultimate Form Builder Lite plugin in any WordPress installation as active attacks could potentially harm live installations.
漏洞危害
Successful exploitation could allow a remote attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
解决方案
Customers are advised to upgrade Ultimate Form Builder Lite 1.3.7 or later WordPress plugin versions to remediate this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论