| CVE编号 | CVE-2025-0629 |
|---|---|
| 发布日期 | 2025-03-11T06:00:12.568Z |
| 更新日期 | 2025-03-11T14:06:41.642Z |
| 状态 | PUBLISHED |
| 受影响的供应商 | Unknown |
| 受影响的产品 | Coronavirus (COVID-19) Notice Message |
| 描述 | The Coronavirus (COVID-19) Notice Message WordPress plugin through 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). |
参考链接:
