漏洞标题
"ThirstyAffiliates Affiliate Link Manager < 3.10.5 - Subscriber+ arbitrary Affiliate Links Creation"
口渴Affiliates Affiliate Link Manager < 3.10.5 - 订阅者+ arbitrary Affiliate Links Creation
漏洞描述信息
ThirstyAffiliates联盟链接管理器版本低于3.10.5 - Subscriber+任意联盟链接创建
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
漏洞类别
N/A
漏洞标题
ThirstyAffiliates Affiliate Link Manager < 3.10.5 - Subscriber+ Arbitrary Affiliate Links Creation
漏洞描述信息
The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as subscriber to create arbitrary affiliate links, which could then be used to redirect users to an arbitrary website
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
WordPress plugin ThirstyAffiliates Affiliate Link Manager 安全漏洞
漏洞描述信息
WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin ThirstyAffiliates Affiliate Link Manager 3.10.5 之前存在安全漏洞,该漏洞源于插件在创建附属链接时没有授权和 CSRF 检查,这可能允许任何经过身份验证的用户(例如订阅者)创建任意
CVSS信息
N/A
漏洞类别
其他