https://blog.qife122.com/tags/whmcs/ Recent content in WHMCS on 办公AI智能小助手 Hugo zh-cn qife Sun, 28 Dec 2025 12:07:29 +0800 https://blog.qife122.com/p/cve-2025-68574-wpbakery-whmcs-elements%E6%8F%92%E4%BB%B6%E4%B8%AD%E7%9A%84dom%E5%9E%8Bxss%E6%BC%8F%E6%B4%9E%E5%89%96%E6%9E%90/ Sun, 28 Dec 2025 12:07:29 +0800 https://blog.qife122.com/p/cve-2025-68574-wpbakery-whmcs-elements%E6%8F%92%E4%BB%B6%E4%B8%AD%E7%9A%84dom%E5%9E%8Bxss%E6%BC%8F%E6%B4%9E%E5%89%96%E6%9E%90/ <h1 id="cve-2025-68574-improper-neutralization-of-input-during-web-page-generation-cross-site-scripting-in-voidcoders-wpbakery-visual-composer-whmcs-elements">CVE-2025-68574: Improper Neutralization of Input During Web Page Generation (&lsquo;Cross-site Scripting&rsquo;) in voidcoders WPBakery Visual Composer WHMCS Elements</h1> <p><strong>严重性:</strong> 中等 <strong>类型:</strong> 漏洞 <strong>CVE:</strong> CVE-2025-68574</p> <p><strong>描述</strong> 在 voidcoders 开发的 WPBakery Visual Composer WHMCS Elements 插件（void-visual-whmcs-element）中，存在一个“网页生成过程中输入处理不当（‘跨站脚本攻击’）”的漏洞，该漏洞允许DOM型XSS攻击。</p>