Elementor插件 on 办公AI智能小助手 https://blog.qife122.com/tags/elementor%E6%8F%92%E4%BB%B6/ Recent content in Elementor插件 on 办公AI智能小助手 Hugo zh-cn qife Sun, 11 Jan 2026 15:18:04 +0800 WordPress Elementor插件安全加固:修复文件上传漏洞与CVE-2024-5153 https://blog.qife122.com/p/wordpress-elementor%E6%8F%92%E4%BB%B6%E5%AE%89%E5%85%A8%E5%8A%A0%E5%9B%BA%E4%BF%AE%E5%A4%8D%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E%E4%B8%8Ecve-2024-5153/ Sun, 11 Jan 2026 15:18:04 +0800 https://blog.qife122.com/p/wordpress-elementor%E6%8F%92%E4%BB%B6%E5%AE%89%E5%85%A8%E5%8A%A0%E5%9B%BA%E4%BF%AE%E5%A4%8D%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E%E4%B8%8Ecve-2024-5153/ <h3 id="github---sudo-wpsudowp-dropzone-elementor-startklar-elementor-addons-的安全分支已修补-cve-2024-5153-及文件上传漏洞">GitHub - Sudo-WP/sudowp-dropzone-elementor: Startklar Elementor Addons 的安全分支。已修补 CVE-2024-5153 及文件上传漏洞。</h3> <h3 id="关于项目">关于项目</h3> <p>这是一个对 Startklar Elementor Addons 插件的安全分支。已修补 CVE-2024-5153 及文件上传漏洞。</p> <h3 id="插件信息">插件信息</h3> <p>=== Startklar Elementor Addons ===</p> <p><strong>标签:</strong> Country code, DropZone, Honeypot <strong>贡献者:</strong> WEB-SHOP-HOSTING <strong>测试环境:</strong> 6.5.2 <strong>稳定版本:</strong> 1.7.15 <strong>最低PHP要求:</strong> 5.6.20 <strong>最低WordPress要求:</strong> 5.6 <strong>许可证:</strong> GPLv2 or later <strong>许可证链接:</strong> <a href="http://www.gnu.org/licenses/gpl-2.0.html">http://www.gnu.org/licenses/gpl-2.0.html</a> <strong>捐赠链接:</strong> <a href="https://www.paypal.com/donate/?hosted_button_id=J2FXPNSYGWLBE">https://www.paypal.com/donate/?hosted_button_id=J2FXPNSYGWLBE</a></p> CVE-2025-66163:Merkulove Masker for Elementor插件中的授权缺失漏洞 https://blog.qife122.com/p/cve-2025-66163merkulove-masker-for-elementor%E6%8F%92%E4%BB%B6%E4%B8%AD%E7%9A%84%E6%8E%88%E6%9D%83%E7%BC%BA%E5%A4%B1%E6%BC%8F%E6%B4%9E/ Sun, 28 Dec 2025 15:34:45 +0800 https://blog.qife122.com/p/cve-2025-66163merkulove-masker-for-elementor%E6%8F%92%E4%BB%B6%E4%B8%AD%E7%9A%84%E6%8E%88%E6%9D%83%E7%BC%BA%E5%A4%B1%E6%BC%8F%E6%B4%9E/ <h1 id="cve-2025-66163-missing-authorization-in-merkulove-masker-for-elementor">CVE-2025-66163: Missing Authorization in merkulove Masker for Elementor</h1> <p><strong>严重性:</strong> 未知 <strong>类型:</strong> 漏洞 <strong>CVE编号:</strong> CVE-2025-66163</p> <p>Merkulove 的 Masker for Elementor (<code>masker-elementor</code>) 插件中存在一个<strong>授权缺失</strong>漏洞,该漏洞允许攻击者<strong>利用配置错误的访问控制安全级别</strong>。</p> <p>此问题影响 Masker for Elementor 插件版本:从 n/a 到 &lt;= 1.1.4。</p>