🟠 高危 | CVE-2026-15005 — The Loco Translate plugin for WordPress is vulnera...
🟠 《高危安全漏洞:CVE-2026-15005》
CVSS 评分: 高危(8.8) 状态: Received 发布时间: 2026-07-16
漏洞描述
The Loco Translate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.5. This is due to missing or incorrect nonce validation on the execTemplate function. This makes it possible for unauthenticated attackers to execute arbitrary PHP code on the server by supplying a php://filter stream wrapper URI as the 'template' parameter, which bypasses path validation and is passed directly to the include sink in execTemplate() via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
🔍 技术细节
| 字段 | 值 |
|---|---|
| CVE ID | CVE-2026-15005 |
| CVSS 评分 | 8.8 🟠 |
| 严重程度 | 高危 |
| CVSS 向量 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| CWE 分类 | CWE-352 |
| 发布时间 | 2026-07-16 |
| 最后更新 | 2026-07-16 |
| 状态 | Received |
| 数据来源 | security@wordfence.com |
🔗 参考链接
https://plugins.trac.wordpress.org/browser/loco-translate/tags/2.8.3/src/mvc/AdminController.php#L38
https://plugins.trac.wordpress.org/browser/loco-translate/tags/2.8.3/src/mvc/AdminRouter.php#L128
https://plugins.trac.wordpress.org/browser/loco-translate/tags/2.8.3/src/mvc/View.php#L273
https://plugins.trac.wordpress.org/browser/loco-translate/tags/2.8.3/src/mvc/View.php#L274
https://plugins.trac.wordpress.org/browser/loco-translate/tags/2.8.5/src/mvc/AdminController.php#L38
https://plugins.trac.wordpress.org/browser/loco-translate/tags/2.8.5/src/mvc/AdminRouter.php#L128
https://plugins.trac.wordpress.org/browser/loco-translate/tags/2.8.5/src/mvc/View.php#L273
https://plugins.trac.wordpress.org/browser/loco-translate/tags/2.8.5/src/mvc/View.php#L274