CNNVD-202512-2321 Information

CNNVD ID

CNNVD-202512-2321

Related CVE

CVE-2024-58305

• CNNVD Published: 2025-12-12

Description (Chinese)

WonderCMS是WonderCMS公司的一套基于PHP的开源内容管理系统（CMS）。 WonderCMS 4.3.2版本存在跨站脚本漏洞，该漏洞源于模块安装端点存在跨站脚本，可能导致注入恶意JavaScript。

Description (English)

WonderCMS is a PHP-based open-source content management system (CMS) for WonderCMS. Windows 4.3.2 has a cross-site script loophole, which stems from the presence of cross-site scripts at the endpoint of the module installation, which could lead to the injection of malicious JavaScript.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

WonderCMS

Published

2025-12-12

Last Modified

2026-02-24

References

https://github.com/WonderCMS/wondercms https://www.exploit-db.com/exploits/51805 https://www.vulncheck.com/advisories/wondercms-cross-site-scripting-remote-code-execution-via-module-installation https://www.wondercms.com/