From 3f0aed346fe7c59dccf5927f73f8ec970a31958e Mon Sep 17 00:00:00 2001 From: Github-Bot Date: Sun, 1 Dec 2024 15:24:17 +0000 Subject: [PATCH] Updated by Github Bot --- cache/Tenable (Nessus).dat | 10 ++ data/cves.db | Bin 50331648 -> 50335744 bytes docs/index.html | 220 ++++++++++++++++++------------------- 3 files changed, 120 insertions(+), 110 deletions(-) diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat index 851bfdf82c0..58243b2a7e5 100644 --- a/cache/Tenable (Nessus).dat +++ b/cache/Tenable (Nessus).dat @@ -172,3 +172,13 @@ afa05246475a6eb58e281fe67ab5dfed 5ce0a9fa05c70f2f44c2741ac0dda9d3 6a1a416bb27840943f632e63184a6bf2 8d4f7bffbad5e10ee5c0516d2813a380 +46e099e3b49bdebccb6a3ca57e3151a3 +30f3e76a59e0cfd4e16fd26bc0d3e0fb +25c336b74dd634eb2872622c82bf86a1 +c4f29c6a89c087493cc0d1151d7ca82b +813fa77b4b0e45970aef0dc45a6bf424 +35661668d9313d99d7c60a846857f3f0 +623993476f1983760b45238a67110a24 +d2694f90c50308543b3e40e158888e6a +13d203bb65465af07b6238ad30c0b47f +f9e8a430a3187ba744befd4cccf35eeb diff --git a/data/cves.db b/data/cves.db index e3347523821661b5dfc8ad0c0cc30cb776dda1a3..91df27cf076781357a16ed2e55e609da632114d2 100644 GIT binary patch delta 5178 zcmb`}2Y6J~x(4866FLzC0-*?lAl1Z~*;7$LdKUsJA}ZgWnLQ9lNJxSpiUyKT#RiB1 zBCt_W!H(El>B`c~`K@c`q@;LL7kGN5=FA3>N*F{fB8{j`)FJ8;^@#dJ1EL|(h)5?+AQ}@V5*b7j zqA76_(Tr$Lv>-BxmP9L}HPMDRnP^M2BRoWV;uN9-(UCZn=tOiTx)5E7ZbWzDG$M=0 zCQc{3gpcqOCJ`WlM2H9z5h6ma!Nd?^ zC^3u}PMkxGAVv~7#3*7kaV~KlaXvAIxPTZ-Tu6)~E+Q@_E+NJfnjedZ5pg0x*hG?; zKujcZiAls{B9F)?rVs^0Au*LGB8rI;Vj6KNF`bw}Tt>_!E+?)aW)W8sR}rPeY+?>k zMwAmIt|qP_t|jIY*AdqfHxM@xHxcuQ`NRU^W?~_63vny4h*(T4A#Nj<61Nk}h~>lz z!XZ`?cMx|HcM+?IyNP>DE%7L^j(CiCoOptGl6Z=E zns|nImUxbMo_K+%AYLS1B3>q5Azme3BVH%oAl@Y2BHkv}6B~$kh)UvJVk5DMc#n9W z*i3vtY#}}*J|eaf9}}MtpAw%D+lbGJ?ZggZC$WpDBEBGY6JHWv5qpTQiM_-(#J9wE z#P`HLVn6W%@gwmQ@iTFN_=WhDI7s|P93l=AzY|A@qjQmZBT~hXT9PKUrH<52iWJmJ=mInn+VQNt#J>X(5@?Qd&uCX(J~~TWKdAX)mWp2k9uMN+;3sH~I6Kz@;5<)Hi~hvcyQE=S~O>RcGw{$fZiNt4=A zN9syFsV@zrp)`_oIYAoBiIO2rq^X=F&7`@skW6VQt)#WIk&~sZv=fiCms6yJbd*!2 zlXR9Y(p9=icR5Y6BwJ1wulU3-rUWD?Aqh)FqS8aokTc~h=_$SBZ0Rk1q_6ao{xU!Y z${-mmLu9B7li_lXjF6F%Bco)roGa(a`7%Z>kg;;1jFXGxV!1@di#z|8#3U{Wu_Y-J zWTNECB$+IEk}p%FKni856iKm^$TYcBrppYuOlHdEa)r#2E9ELFmDw^!%A{NRJR{G_bMm~rAQkeWyd*EnEApzm zCa=pI@}|5cZ_9ewAn!<}yek`Jle{PI%VzmNw#bL_k!+QZr21Kd+0o74;n8Y@D;nXjE~@{Jq9*!$@D?EL*tO z7+JAMad*8ZGgel#NUiNnVO9TmOP2376uxo8w{G~(4d1(ApBwhO;RiST=!T!%@Ut5Z zxZxK!{OX2-Zurd&hum=34ZpkLh*7a*`B5WpRMUDX15!@t*XYHDJ?kE+voWp6xGu%X z@D!zksUx6)vER@btDX4yc?AB>x3C>9PR5+O5S$NZ77KjinvBmP)25^`o|95LD$ zX4pw>`jgSi*}iJL(XCyfRWv!z_KX?n8GYEd!@0M}K#Q#qCFXwh1`(jt>sewRN&(9bc<6 zYw&s_`X5QY_`Qmuoz0p`BjsaR)wjB>mRV+5fspNuMr|_|h{h6jEFO=AEHiEe!?x)Q zItw~opW3QU^BnDNTe;Qf zPT;k*m_8KQUrMos5ZPThRSWCAWT~@rX#z<=% z{7d(aOgd!rb+%tqncDSlrgAnH%r=fK%#c|=hE+qWix_W~jkkPe!tXU>u~0A&3R+2T zI2Q7o5i4PO zEu2{uhm7`({&8T%ghNJ02L}!tY3ax9KId3X+S>neMyHNut3%DM3kBQ`4f(S}+F{W^ zGU|;7y{0!3445&~4tQ-}FrtUOI4A$AmTB%$fygRD~R~KlSWu~QGMWbdQ97_74 z5iK>fEaCsk$+$ha)#&VZ?=M{5fmMU53+rx{b+^o5 zDC7%;B8jM}6&j5u!ts#TiUdNDU^rlFovUSOkB(2Y^R1e~oGEKQFzVEt9X8QvF{3pZhkh4`u z8vcJtR#a{?y8CqF{&I^|1FCO4*DTAm;(??;8V^~KXxtkK2cl+N2ba$m^rA5C)>7dtXj6)T3ouajcsAQ;mWqLTD8pO-fY`i=E5@eeSY|S|A6b9 z`pQEkRm3W4eQy=Bid!YDl2$3Jv{l9`Yn8Lg zTNSK|Rwb*lRmG}mRkNyFHLRM}57v)XE$b(%wpGWfYt^&rTMewAt%g=3tFhI@YHG1h zGpo7P!fI)?vRYehthQD=tG(61>S%ScI$K?=u2wgzyVb+$Y4x&tTfbPpTEAI+tiD!1 ztH1TTHNXnB23mux!PXGV)=+DhHQX9ujkHEtqpdO4SZka$-kM-dv?f`Tttr-2YnnCP znqkefW?8eXIo4cjo;BZEVEth&v=&)^T8phE)>7*)Ynip&T4AlUR#~g9HP%{doweTD zU~RPiwl-Ottu5A8Yn!#*+F|Xq!mM4^ZflRV*VhbtwYvf>xgyKI%XZWPFN?c zQ`TwgjCIyJXPvh$SQo8J)@AF8b=A6NUAJynH?3RNZR?Kpk9F6&XWh3RSP!j7)?@35 z_0)Q1J-1$1|5`7tSJrFmjrE`P)_P~Xw?0@Otxwix>x=c(`Zhu#V-$h_!XpAAA`&7a z3Zfz!q9X=kA{JsJ4&ovn;v)ePA`ucJ36dfik|PCDA{A024bmbV(jx;hA`>zr3$h{` zvLgp_A{TNa5Aq@(@}mF>q7c4AVH818e2-!%juI$|QYeiwD2s9^j|!-WN~nw~sETT+ zjvAa zA|_!nreG?jVLE1DCT3wa=3p-7VLle%4=ltY{E5X_f~EKi%di|PuoA1V8f&l?>#!ah zun~V_6Er6Sr_1ckmDH;vVkf0UqKJ9^(m~;u)Uf1^&fLyuxd|!GCy*cX*Ev z_=r#Vj4$|#Zy_TT;QSFlctk)%L_%alK~zLTbi_bR#6oPuL0rT`d?Y|ZBtl{&K~f|` za-={?q(W+>L0Y6kdSpOGWI|?SK~`i#cH}@#=JvyKxI-xVVpewqeJ9?ledZ9Od!LRrYeb5*E&>z2J075Yk zgD@CFU<}1D495tJ#3+o$7>va@jK>5_#3W3{6imf5OvenOCl9L&W$%*O)!frVIv zKd~4~uoQn`8J1%OR$>)aV-40~9oAz5HsWt=!e(s2R&2v|?7&WhVHb8|5B6do_TvB! z;t&qw2#(?yj^hMQ;uKEf49?;l&f@|u;u0?73a;WBuHy!7;udb>4*tPi+{1l5z(YL3 zC*2`m~HWp?;E;eyZWv>V+^RG4>a(CI*ouqNZ51nvjs&7AZkP%CUIy&q*$+)|xW zg^Zgy=ShG(4dz)e&x3gp%)i0B4CYlZuY-9L%zweW4dz`i?}Pae%*S9p1@k$WFTs2b xgw34uEzrJJ%!rXrg^N`##;)ikB7cn(7I)X8kg&j#G+nzz2s`!mTOd!={{eX5dZhpW diff --git a/docs/index.html b/docs/index.html index aec2e5a24f0..3a91d111d21 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -283,6 +283,86 @@

眈眈探求 | TITLE URL + + 46e099e3b49bdebccb6a3ca57e3151a3 + CVE-2024-53786 + 2024-11-30 22:15:19 + Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeless Cowidgets – Elementor Addons allows Stored XSS.This issue affects Cowidgets – Elementor Addons: from n/a through 1.2.0. + 详情 + + + + 30f3e76a59e0cfd4e16fd26bc0d3e0fb + CVE-2024-53778 + 2024-11-30 22:15:19 + Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs allows Stored XSS.This issue affects Essential Breadcrumbs: from n/a through 1.1.1. + 详情 + + + + 25c336b74dd634eb2872622c82bf86a1 + CVE-2024-53774 + 2024-11-30 22:15:19 + Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sparkle WP Sparkle Elementor Kit allows DOM-Based XSS.This issue affects Sparkle Elementor Kit: from n/a through 2.0.9. + 详情 + + + + c4f29c6a89c087493cc0d1151d7ca82b + CVE-2024-53773 + 2024-11-30 22:15:19 + Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Praca.Pl sp. Z o.O. Znajdź Pracę z Praca.Pl allows DOM-Based XSS.This issue affects Znajdź Pracę z Praca.Pl: from n/a through 2.2.3. + 详情 + + + + 813fa77b4b0e45970aef0dc45a6bf424 + CVE-2024-53772 + 2024-11-30 22:15:18 + Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Mail Picker allows DOM-Based XSS.This issue affects Mail Picker: from n/a through 1.0.14. + 详情 + + + + 35661668d9313d99d7c60a846857f3f0 + CVE-2024-53771 + 2024-11-30 22:15:18 + Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sergio Micó SimpleSchema allows DOM-Based XSS.This issue affects SimpleSchema: from n/a through 1.7.6.9. + 详情 + + + + 623993476f1983760b45238a67110a24 + CVE-2024-53767 + 2024-11-30 22:15:18 + Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixobe Pixobe Cartography allows DOM-Based XSS.This issue affects Pixobe Cartography: from n/a through 1.0.1. + 详情 + + + + d2694f90c50308543b3e40e158888e6a + CVE-2024-53766 + 2024-11-30 22:15:18 + Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Devnex Devnex Addons For Elementor allows DOM-Based XSS.This issue affects Devnex Addons For Elementor: from n/a through 1.0.8. + 详情 + + + + 13d203bb65465af07b6238ad30c0b47f + CVE-2024-53764 + 2024-11-30 22:15:18 + Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftHopper Softtemplates For Elementor allows DOM-Based XSS.This issue affects Softtemplates For Elementor: from n/a through 1.0.8. + 详情 + + + + f9e8a430a3187ba744befd4cccf35eeb + CVE-2024-53763 + 2024-11-30 22:15:18 + Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rejuan Ahamed Best Addons for Elementor allows Stored XSS.This issue affects Best Addons for Elementor: from n/a through 1.0.5. + 详情 + + 26f52e08314e09b9d2c93d1e013424fb CVE-2024-11998 @@ -334,7 +414,7 @@

眈眈探求 | + 2024-11-29 23:15:04 Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to access sensitive information. 详情 @@ -342,7 +422,7 @@

眈眈探求 | + 2024-11-29 22:15:07 stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp/rtthrottle symlink attack. 详情 @@ -350,7 +430,7 @@

眈眈探求 | + 2024-11-29 21:15:04 A vulnerability has been found in code-projects Farmacia 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /pagamento.php. The manipulation of the argument total leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 详情 @@ -358,7 +438,7 @@

眈眈探求 | + 2024-11-29 20:15:21 A SQL injection vulnerability was discovered in Siyuan 3.1.11 in /getHistoryItems. 详情 @@ -366,7 +446,7 @@

眈眈探求 | + 2024-11-29 09:52:18 Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p22, <2.2.0p37, <2.1.0p50 (EOL) causes remote site secrets to be written to web log files accessible to local site users. 详情 @@ -374,7 +454,7 @@

眈眈探求 | + 2024-11-29 09:06:56 FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial (factory default) configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server (GUI) or Web authentication is enabled. The factory default configuration makes http-server (GUI) enabled, which means REST-APIs are also enabled. The username and the password for REST-APIs are configured in the factory default configuration. As a result, an attacker may obtain and/or alter the affected product's settings via REST-APIs. 详情 @@ -382,7 +462,7 @@

眈眈探求 | + 2024-11-29 08:06:19 Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27 and for Ver10.9 up to Ver10.9.14 allows a attacker to hijack the authentication of screens on the device via the management interface. 详情 @@ -390,7 +470,7 @@

眈眈探求 | + 2024-11-29 08:03:07 Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-R/IX-V Ver1.2.15 and earlier allows a attacker to inject an arbitrary CLI commands to be executed on the device via the management interface. 详情 @@ -398,7 +478,7 @@

眈眈探求 | + 2024-11-29 07:40:08 A XML External Entity (XXE) vulnerability has been identified in Easy Tax Client Software 2023 1.2 and earlier across multiple platforms, including Windows, Linux, and macOS. 详情 @@ -406,7 +486,7 @@

眈眈探求 | + 2024-11-29 07:03:33 A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as the root user. 详情 @@ -414,7 +494,7 @@

眈眈探求 | + 2024-11-29 07:01:44 A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API. This leads to improper handling of path traversal, insecure forwarding to an AJP backend without adequate validation, and lack of authentication for accessing internal API endpoints. 详情 @@ -422,7 +502,7 @@

眈眈探求 | + 2024-11-29 06:57:24 Certain models of routers from Billion Electric has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject arbitrary system commands into a specific SSH function and execute them on the device. 详情 @@ -430,7 +510,7 @@

眈眈探求 | + 2024-11-29 06:45:33 Certain models of routers from Billion Electric has a Plaintext Storage of a Password vulnerability. Remote attackers with administrator privileges can access the user settings page to retrieve plaintext passwords. 详情 @@ -438,91 +518,11 @@

眈眈探求 | + 2024-11-29 06:21:31 Certain models of routers from Billion Electric has an Authentication Bypass vulnerability, allowing unautheticated attackers to retrive contents of arbitrary web pages. 详情 - - 801f710aae50552eeaed4132fc3ebbf5 - CVE-2024-11082 - 2024-11-28 09:47:12 - The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimations_panel() function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. - 详情 - - - - 5cb5098dd477194b7d5f52c902dbe0f6 - CVE-2024-10780 - 2024-11-28 09:47:12 - The Restaurant & Cafe Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.5.9 via the 'narestaurant_elementor_template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to. - 详情 - - - - df7f5c827572d2c561e1c206a0a77b0f - CVE-2024-8672 - 2024-11-28 09:47:11 - The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.0.7 via the display logic functionality that extends several page builders. This is due to the plugin allowing users to supply input that will be passed through eval() without any filtering or capability checks. This makes it possible for authenticated attackers, with contributor-level access and above, to execute code on the server. Special note: We suggested the vendor implement an allowlist of functions and limit the ability to execute commands to just administrators, however, they did not take our advice. We are considering this patched, however, we believe it could still be further hardened and there may be residual risk with how the issue is currently patched. - 详情 - - - - b785d7b15d5ef67f24e37119ecdb20c3 - CVE-2024-10670 - 2024-11-28 09:47:11 - The Primary Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.2 via the [prim_elementor_template] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created with Elementor that they should not have access to. - 详情 - - - - e63781e2ab03c94a69292c2027453e55 - CVE-2024-10798 - 2024-11-28 09:47:10 - The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1003 via the 'wpr-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created via Elementor that they should not have access to. - 详情 - - - - fe915a3342b1dd27be99c924a01adf1e - CVE-2024-11103 - 2024-11-28 09:47:09 - The Contest Gallery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 24.0.7. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account. - 详情 - - - - ad1e6237c7e5ef6847dcc04b891b2353 - CVE-2024-22037 - 2024-11-28 09:46:07 - The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users. - 详情 - - - - 5a6922c25dabba5a31bb1f87b6f08f1f - CVE-2024-11599 - 2024-11-28 09:42:48 - Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to properly validate email addresses which allows an unauthenticated user to bypass email domain restrictions via carefully crafted input on email registration. - 详情 - - - - afabc5c7a751dc754a0f7ef3d0f27a33 - CVE-2024-22038 - 2024-11-28 09:38:03 - Various problems in obs-scm-bridge allows attackers that create specially crafted git repositories to leak information of cause denial of service. - 详情 - - - - 698ae292edfc1233afd5d0e9f9a0b3eb - CVE-2024-49502 - 2024-11-28 09:26:38 - A Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in the Setup Wizard, HTTP Proxy credentials pane in spacewalk-web allows attackers to attack users by providing specially crafted URLs to click. This issue affects Container suse/manager/5.0/x86_64/server:5.0.2.7.8.1: before 5.0.15-150600.3.10.2; SUSE Manager Server Module 4.3: before 4.3.42-150400.3.52.1. - 详情 - - @@ -1990,7 +1990,7 @@

眈眈探求 | + 2024-11-29 09:24:58 Scooter Software Beyond Compare不受控搜索路径漏洞 详情 @@ -1998,7 +1998,7 @@

眈眈探求 | + 2024-11-29 09:24:58 CraftOS-PC 2混淆漏洞 详情 @@ -2006,7 +2006,7 @@

眈眈探求 | + 2024-11-29 09:24:58 Microsoft Edge权限提升漏洞 详情 @@ -2014,7 +2014,7 @@

眈眈探求 | + 2024-11-29 09:24:58 Pluck CMS暴力破解漏洞 详情 @@ -2022,7 +2022,7 @@

眈眈探求 | + 2024-11-29 09:24:58 WordPress插件PowerPack for Beaver Builder跨站脚本漏洞 详情 @@ -2030,7 +2030,7 @@

眈眈探求 | + 2024-11-29 09:24:58 WordPress插件Allegiant跨站脚本漏洞 详情 @@ -2038,7 +2038,7 @@

眈眈探求 | + 2024-11-29 09:24:58 WordPress插件Invite Anyone跨站脚本漏洞 详情 @@ -2046,7 +2046,7 @@

眈眈探求 | + 2024-11-29 09:24:58 WordPress插件Clever Addons for Elementor跨站脚本漏洞 详情 @@ -2054,7 +2054,7 @@

眈眈探求 | + 2024-11-29 09:24:58 WordPress插件Child Theme Creator跨站脚本漏洞 详情 @@ -2062,7 +2062,7 @@

眈眈探求 | + 2024-11-29 09:24:58 WordPress插件weMail跨站脚本漏洞 详情 @@ -2070,7 +2070,7 @@

眈眈探求 | + 2024-11-29 09:24:58 WordPress插件WooCommerce跨站脚本漏洞 详情 @@ -2078,7 +2078,7 @@

眈眈探求 | + 2024-11-29 09:24:58 WordPress插件Responsive Blocks – WordPress Gutenberg Blocks跨站脚本漏洞 详情 @@ -2086,7 +2086,7 @@

眈眈探求 | + 2024-11-29 09:24:58 WordPress插件Ultimate Store Kit Elementor Addons跨站脚本漏洞 详情 @@ -2094,7 +2094,7 @@

眈眈探求 | + 2024-11-29 09:24:58 WordPress插件Icegram跨站脚本漏洞 详情 @@ -2102,7 +2102,7 @@

眈眈探求 | + 2024-11-29 09:24:58 WordPress插件Purity Of Soul跨站脚本漏洞 详情