WWordPress 漏洞数据库

社区安全警报 WPeMatico中的XSS(CVE202513031)

WordPress WPeMatico RSS Feed Fetcher插件中的跨站脚本攻击(XSS)
0
分享
0
0
0
0

我看不到要转换的博客内容。请粘贴您想要转换的博客文章。.

在我生成HTML之前,请确认:
– 语言:英语(或繁体/简体中文)?
– 您想要一个 and meta description included?<br /> – Any specific heading structure (H1/H2) or images to embed?</p> <p>我将:<br /> – 在最顶部插入请求的响应式漏洞摘要表,,<br /> – 使用香港安全专家的语气,,<br /> – 删除对WP-Firewall、Patchstack或其他WordPress安全供应商的任何推荐,,<br /> – 生成干净的HTML输出(没有“`html fences)。.</p> </div> <section class="post-tags"><ul><li><h5 class="title-tags" data-no-translation="" data-trp-gettext="">标签:</h5></li><li><a href="https://wp-security.org/zh_cn/tag/wordpress-security/" rel="tag">WordPress安全</a></li></ul></section> <div class="pk-share-buttons-wrap pk-share-buttons-layout-default pk-share-buttons-scheme-bold-bg pk-share-buttons-has-counts pk-share-buttons-has-total-counts pk-share-buttons-after-post pk-share-buttons-mode-php pk-share-buttons-mode-rest" data-post-id="1860" data-share-url="https://wp-security.org/zh_cn/vulnerability-database/community-security-alert-xss-in-wpematicocve202513031/" > <div class="pk-share-buttons-total pk-share-buttons-total-no-count"> <div class="pk-share-buttons-count cs-font-primary">0 分享:</div> </div> <div class="pk-share-buttons-items"> <div class="pk-share-buttons-item pk-share-buttons-facebook pk-share-buttons-no-count" data-id="facebook"> <a href="https://www.facebook.com/sharer.php?u=https://wp-security.org/zh_cn/vulnerability-database/community-security-alert-xss-in-wpematicocve202513031/" class="pk-share-buttons-link" target="_blank"> <i class="pk-share-buttons-icon pk-icon pk-icon-facebook"></i> <span class="pk-share-buttons-label pk-font-primary" data-no-translation="" data-trp-gettext="">分享</span> <span class="pk-share-buttons-count pk-font-secondary">0</span> </a> </div> <div class="pk-share-buttons-item pk-share-buttons-twitter pk-share-buttons-no-count" data-id="twitter"> <a href="https://x.com/share?&text=%3Ctrp-post-container%20data-trp-post-id%3D%271860%27%3ECommunity%20Security%20Alert%20XSS%20in%20WPeMatico%28CVE202513031%29%3C%2Ftrp-post-container%3E&url=https://wp-security.org/zh_cn/vulnerability-database/community-security-alert-xss-in-wpematicocve202513031/" class="pk-share-buttons-link" target="_blank"> <i class="pk-share-buttons-icon pk-icon pk-icon-twitter"></i> <span class="pk-share-buttons-label pk-font-primary" data-no-translation="" data-trp-gettext="">推文</span> <span class="pk-share-buttons-count pk-font-secondary">0</span> </a> </div> <div class="pk-share-buttons-item pk-share-buttons-pinterest pk-share-buttons-no-count" data-id="pinterest"> <a href="https://pinterest.com/pin/create/bookmarklet/?url=https://wp-security.org/zh_cn/vulnerability-database/community-security-alert-xss-in-wpematicocve202513031/&media=https://wp-security.org/wp-content/uploads/2025/12/2025-12-10CVE202513031WPeMatico-RSS-Feed-Fetcher-1024x576.jpg" class="pk-share-buttons-link" target="_blank"> <i class="pk-share-buttons-icon pk-icon pk-icon-pinterest"></i> <span class="pk-share-buttons-label pk-font-primary" data-no-translation="" data-trp-gettext="">固定</span> <span class="pk-share-buttons-count pk-font-secondary">0</span> </a> </div> </div> </div> <section class="post-author"> <div class="authors-compact"> <div class="author-wrap"> <div class="author"> <div class="author-avatar"> <a href="https://wp-security.org/zh_cn/author/wp-security/" rel="author"> <img alt='' src='https://secure.gravatar.com/avatar/16bf83a02c7c3aa39247769e866366c2ea8ccfb8bd88a16ef3ac35925a1da888?s=120&d=mm&r=g' srcset='https://secure.gravatar.com/avatar/16bf83a02c7c3aa39247769e866366c2ea8ccfb8bd88a16ef3ac35925a1da888?s=240&d=mm&r=g 2x' class='avatar avatar-120 photo' height='120' width='120' decoding='async'/> </a> </div> <div class="author-description"> <h5 class="title-author"> <span class="fn"> <a href="https://wp-security.org/zh_cn/author/wp-security/" rel="author"> WP 安全漏洞报告 </a> </span> </h5> <p class="note"></p> </div> </div> </div> </div> </section> <div id="disqus_thread"></div> </div> </div> </article> <div class="post-prev-next"> <a class="link-item prev-link" href="https://wp-security.org/zh_cn/vulnerability-database/safeguard-hong-kong-sites-against-funnelkit-xsscve202566067/"> <div class="link-content"> <div class="link-label"> <span class="link-arrow"></span><span class="link-text"> — 上一篇文章</span> </div> <h2 class="entry-title"> 保护香港网站免受 FunnelKit XSS攻击(CVE202566067) </h2> </div> </a> <a class="link-item next-link" href="https://wp-security.org/zh_cn/vulnerability-database/hong-kong-security-advisory-wordpress-csrf-riskcve202562873/"> <div class="link-content"> <div class="link-label"> <span class="link-text">下一篇文章 — </span><span class="link-arrow"></span> </div> <h2 class="entry-title"> 香港安全咨询 WordPress CSRF 风险 (CVE202562873) </h2> </div> </a> </div> <section class="post-archive archive-related"> <div class="archive-wrap"> <div class="title-block-wrap"> <h5 class="title-block"> 你可能也喜欢 </h5> </div> <div class="archive-main archive-list archive-heading-small archive-borders-enabled archive-shadow-enabled archive-scale-enabled"> <article class="entry-without-preview post-2170 post type-post status-publish format-standard has-post-thumbnail category-vulnerability-database tag-wordpress-security"> <div class="post-outer"> <div class="post-inner"> <div class="meta-category"><a class="category-style" href="https://wp-security.org/zh_cn/category/vulnerability-database/"><span style="background-color:#EDF2FF" data-color="#EDF2FF" data-color-dark="#555555" class="char" data-scheme="default">W</span><span class="label">WordPress 漏洞数据库</span></a></div> <header class="entry-header"> <h2 class="entry-title"><a href="https://wp-security.org/zh_cn/vulnerability-database/protect-hong-kong-users-from-data-exposurecve202513371/" rel="bookmark">保护香港用户免受数据泄露 (CVE202513371)</a></h2><ul class="post-meta"><li class="meta-date">2026年1月7日</li></ul> </header> <div class="entry-details"> <div class="entry-excerpt"> WordPress Money Space 插件中的敏感数据泄露 </div> </div> </div><!-- .post-inner --> </div><!-- .post-outer --> </article> <article class="entry-without-preview post-1748 post type-post status-publish format-standard has-post-thumbnail category-vulnerability-database tag-wordpress-security"> <div class="post-outer"> <div class="post-inner"> <div class="meta-category"><a class="category-style" href="https://wp-security.org/zh_cn/category/vulnerability-database/"><span style="background-color:#EDF2FF" data-color="#EDF2FF" data-color-dark="#555555" class="char" data-scheme="default">W</span><span class="label">WordPress 漏洞数据库</span></a></div> <header class="entry-header"> <h2 class="entry-title"><a href="https://wp-security.org/zh_cn/vulnerability-database/hong-kong-ngo-alert-csrf-in-authorsurecve202513134/" rel="bookmark">香港非政府组织警报 AuthorSure 中的 CSRF(CVE202513134)</a></h2><ul class="post-meta"><li class="meta-date">2025 年 11 月 20 日</li></ul> </header> <div class="entry-details"> <div class="entry-excerpt"> WordPress AuthorSure 插件中的跨站请求伪造(CSRF) </div> </div> </div><!-- .post-inner --> </div><!-- .post-outer --> </article> <article class="entry-without-preview post-2002 post type-post status-publish format-standard has-post-thumbnail category-vulnerability-database tag-wordpress-security"> <div class="post-outer"> <div class="post-inner"> <div class="meta-category"><a class="category-style" href="https://wp-security.org/zh_cn/category/vulnerability-database/"><span style="background-color:#EDF2FF" data-color="#EDF2FF" data-color-dark="#555555" class="char" data-scheme="default">W</span><span class="label">WordPress 漏洞数据库</span></a></div> <header class="entry-header"> <h2 class="entry-title"><a href="https://wp-security.org/zh_cn/vulnerability-database/public-safety-notice-funnelforms-access-control-flawcve202568582/" rel="bookmark">公共安全通知 Funnelforms 访问控制缺陷(CVE202568582)</a></h2><ul class="post-meta"><li class="meta-date">2025年12月29日</li></ul> </header> <div class="entry-details"> <div class="entry-excerpt"> WordPress Funnelforms 免费插件中的访问控制漏洞 </div> </div> </div><!-- .post-inner --> </div><!-- .post-outer --> </article> <article class="entry-without-preview post-864 post type-post status-publish format-standard has-post-thumbnail category-vulnerability-database tag-wordpress-security"> <div class="post-outer"> <div class="post-inner"> <div class="meta-category"><a class="category-style" href="https://wp-security.org/zh_cn/category/vulnerability-database/"><span style="background-color:#EDF2FF" data-color="#EDF2FF" data-color-dark="#555555" class="char" data-scheme="default">W</span><span class="label">WordPress 漏洞数据库</span></a></div> <header class="entry-header"> <h2 class="entry-title"><a href="https://wp-security.org/zh_cn/vulnerability-database/hong-kong-ngo-warns-wordpress-findgo-csrfcve202553587/" rel="bookmark">香港非政府组织警告WordPress Findgo CSRF(CVE202553587)</a></h2><ul class="post-meta"><li class="meta-date">2025年8月14日</li></ul> </header> <div class="entry-details"> <div class="entry-excerpt"> WordPress Findgo主题 <= 1.3.57 - 跨站请求伪造 (CSRF) 漏洞 </div> </div> </div><!-- .post-inner --> </div><!-- .post-outer --> </article> <article class="entry-without-preview post-2235 post type-post status-publish format-standard has-post-thumbnail category-vulnerability-database tag-wordpress-security"> <div class="post-outer"> <div class="post-inner"> <div class="meta-category"><a class="category-style" href="https://wp-security.org/zh_cn/category/vulnerability-database/"><span style="background-color:#EDF2FF" data-color="#EDF2FF" data-color-dark="#555555" class="char" data-scheme="default">W</span><span class="label">WordPress 漏洞数据库</span></a></div> <header class="entry-header"> <h2 class="entry-title"><a href="https://wp-security.org/zh_cn/vulnerability-database/hong-kong-security-advisory-paygent-access-controlcve202514078/" rel="bookmark">香港安全咨询 PAYGENT 访问控制(CVE202514078)</a></h2><ul class="post-meta"><li class="meta-date">2026 年 1 月 17 日</li></ul> </header> <div class="entry-details"> <div class="entry-excerpt"> WordPress PAYGENT for WooCommerce 插件中的访问控制漏洞 </div> </div> </div><!-- .post-inner --> </div><!-- .post-outer --> </article> <article class="entry-without-preview post-2087 post type-post status-publish format-standard has-post-thumbnail category-vulnerability-database tag-wordpress-security"> <div class="post-outer"> <div class="post-inner"> <div class="meta-category"><a class="category-style" href="https://wp-security.org/zh_cn/category/vulnerability-database/"><span style="background-color:#EDF2FF" data-color="#EDF2FF" data-color-dark="#555555" class="char" data-scheme="default">W</span><span class="label">WordPress 漏洞数据库</span></a></div> <header class="entry-header"> <h2 class="entry-title"><a href="https://wp-security.org/zh_cn/vulnerability-database/protecting-hong-kong-sites-from-adwords-xsscve202562118/" rel="bookmark">保护香港网站免受 AdWords XSS(CVE202562118)</a></h2><ul class="post-meta"><li class="meta-date">2025年12月31日</li></ul> </header> <div class="entry-details"> <div class="entry-excerpt"> WordPress AdWords 转换跟踪代码插件中的跨站脚本(XSS) </div> </div> </div><!-- .post-inner --> </div><!-- .post-outer --> </article> </div> </div> </section> </main> </div><!-- .content-area --> </div><!-- .main-content --> </div><!-- .cs-container --> </div><!-- .site-content --> <footer id="colophon" class="site-footer"> <div class="footer-subscribe"> <div class="cs-container"> <div class="subscribe-wrap"> </div> </div> </div> <div class="footer-info"> <div class="cs-container"> <div class="site-info"> <div class="footer-col-info"> <span class="site-title footer-title" href="https://wp-security.org/zh_cn/" rel="home"> <img src="https://wp-security.org/wp-content/uploads/2025/08/WP-Security-logo-1-e1754494371106.png" alt="WP Security" > </span> <div class="footer-copyright"> © 2025 WP-Security.org 免责声明:WP-Security.org 是一个独立的非营利 NGO 社区,致力于分享 WordPress 安全新闻和信息。我们与 WordPress、其母公司或任何相关实体没有关联。所有商标均为其各自所有者的财产。. </div> </div> </div> </div> </div> </footer> </div> </div><!-- .site-inner --> </div><!-- .site --> <template id="tp-language" data-tp-language="zh_CN"></template><script type="speculationrules"> {"prefetch":[{"source":"document","where":{"and":[{"href_matches":"/zh_cn/*"},{"not":{"href_matches":["/wp-*.php","/wp-admin/*","/wp-content/uploads/*","/wp-content/*","/wp-content/plugins/*","/wp-content/themes/squaretype/*","/zh_cn/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]} </script> <a href="#top" class="pk-scroll-to-top"> <i class="pk-icon pk-icon-up"></i> </a> <div class="pk-mobile-share-overlay"> </div> <script type="text/javascript"> var _paq = _paq || []; _paq.push(['setCustomDimension', 1, '{"ID":3,"name":"WP Security Vulnerability Report","avatar":"f7de7e299d4a4b4c92c6f2c2a29a7ca7"}']); _paq.push(['trackPageView']); (function () { var u = "https://analytics2.wpmudev.com/"; _paq.push(['setTrackerUrl', u + 'track/']); _paq.push(['setSiteId', '24942']); var d = document, g = d.createElement('script'), s = d.getElementsByTagName('script')[0]; g.type = 'text/javascript'; g.async = true; g.defer = true; g.src = 'https://analytics.wpmucdn.com/matomo.js'; s.parentNode.insertBefore(g, s); })(); </script> <script type="importmap" id="wp-importmap"> {"imports":{"@wordpress/interactivity":"https://wp-security.org/wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=8964710565a1d258501f","@surecart/checkout":"https://wp-security.org/wp-content/plugins/surecart/packages/blocks-next/build/scripts/checkout/index.js?ver=817605f320f77b6291ef","@surecart/checkout-events":"https://wp-security.org/wp-content/plugins/surecart/packages/blocks-next/build/scripts/checkout-events/index.js?ver=ed9647bd6c7865efe2ad","@surecart/checkout-service":"https://wp-security.org/wp-content/plugins/surecart/packages/blocks-next/build/scripts/checkout-actions/index.js?ver=1999ef06f8f53c7492e5","@surecart/google-events":"https://wp-security.org/wp-content/plugins/surecart/packages/blocks-next/build/scripts/google/index.js?ver=d92e383a18bcf54ea538","@surecart/facebook-events":"https://wp-security.org/wp-content/plugins/surecart/packages/blocks-next/build/scripts/facebook/index.js?ver=cf5c6499cb7b867894c1","@surecart/a11y":"https://wp-security.org/wp-content/plugins/surecart/packages/blocks-next/build/scripts/a11y/index.js?ver=fbe783039308da940df7","@surecart/api-fetch":"https://wp-security.org/wp-content/plugins/surecart/packages/blocks-next/build/scripts/fetch/index.js?ver=1bfba8ea0694a193022a"}} </script> <script type="module" src="https://wp-security.org/wp-content/plugins/surecart/packages/blocks-next/build/scripts/line-item-note/index.js?ver=af6cf14267b5a9ad219f" id="@surecart/line-item-note-js-module"></script> <script type="module" src="https://wp-security.org/wp-content/plugins/surecart/packages/blocks-next/build/scripts/checkout/index.js?ver=817605f320f77b6291ef" id="@surecart/checkout-js-module"></script> <script type="module" src="https://wp-security.org/wp-content/plugins/surecart/packages/blocks-next/build/scripts/cart/index.js?ver=c6810ec9f683d794994f" id="@surecart/cart-js-module"></script> <script type="application/json" id="wp-script-module-data-@wordpress/interactivity"> {"state":{"surecart/checkout":{"checkout":{"line_items":{"data":[]}},"discountIsRedeemable":false,"isDiscountApplied":false,"itemsCount":0,"hasItems":false}}} </script> <div id="fb-root"></div> <script async defer crossorigin="anonymous" src="https://connect.facebook.net/zh_CN/sdk.js#xfbml=1&version=v17.0&appId=&autoLogAppEvents=1" nonce="Ci8te34e"></script> <script> window.scFetchData = {"root_url":"https:\/\/wp-security.org\/zh_cn\/wp-json\/","nonce":"d7d4567522","nonce_endpoint":"https:\/\/wp-security.org\/wp-admin\/admin-ajax.php?action=sc-rest-nonce"} </script> <!-- Render the cart. --> <div class="is-layout-flow wp-container-surecart-slide-out-cart-is-layout-d6743c7d wp-block-surecart-slide-out-cart-is-layout-flow" data-wp-context='{"formId":131,"mode":"live"}' data-wp-interactive='{ "namespace": "surecart/checkout" }' data-wp-init="callbacks.init" data-wp-watch="callbacks.onChangeCheckout" data-wp-on-window--storage="callbacks.syncTabs" > <dialog style="width: 525px; font-size:15px;" class="sc-drawer sc-cart-drawer wp-block-surecart-slide-out-cart" data-wp-bind--aria-label="surecart/cart::state.ariaLabel" data-wp-on--mousedown="surecart/cart::actions.closeOverlay" data-wp-on--touchstart="surecart/cart::actions.closeOverlay" > <!-- Cart alert --> <div class="sc-alert sc-alert__alert--danger" role="alert" aria-live="assertive" aria-atomic="true" data-wp-bind--hidden="!state.error" hidden> <div class="sc-alert__icon"> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewbox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <circle cx="12" cy="12" r="10" /> <line x1="12" y1="8" x2="12" y2="12" /> <line x1="12" y1="16" x2="12.01" y2="16" /> </svg> </div> <div class="sc-alert__text"> <div class="sc-alert__title"> <span data-wp-text="state.errorTitle"></span> </div> <div class="sc-alert__message"> <div data-wp-text="state.errorMessage"></div> <template data-wp-each--message="state.additionalErrors"> <div> <span data-wp-text="context.message"></span> </div> </template> </div> </div> </div> <div class="wp-block-group is-content-justification-space-between is-nowrap is-layout-flex wp-container-core-group-is-layout-09de181c wp-block-group-is-layout-flex" style="padding-top:1.5em;padding-right:2em;padding-bottom:0em;padding-left:2em"> <div style="line-height:1;" class="wp-block-surecart-cart-close-button" data-wp-on--click="surecart/cart::actions.toggle" data-wp-on--keypress="surecart/cart::actions.toggle" role="button" tabindex="0" aria-label="关闭购物车" > <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewbox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="5" y1="12" x2="19" y2="12" /> <polyline points="12 5 19 12 12 19" /> </svg> </div> <p style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;font-size:16px;font-style:normal;font-weight:500;line-height:1"> 查看我的订单</p> <span style="font-size:14px;font-weight:600;line-height:1; border-radius:4px; padding-top:6px;padding-bottom:6px;padding-left:10px;padding-right:10px;" class="wp-block-surecart-cart-count" data-wp-text="state.itemsCount">0</span> </div> <div style="padding-top:2em;padding-bottom:2em;padding-left:2em;padding-right:2em;" class="wp-block-surecart-slide-out-cart-line-items is-layout-flow wp-container-surecart-slide-out-cart-line-items-is-layout-546f3c6d wp-block-surecart-slide-out-cart-line-items-is-layout-flow" role="list"> <template data-wp-each--line_item="state.checkoutLineItems" data-wp-each-key="context.line_item.id" > <div class="sc-product-line-item" data-wp-class--sc-product-line-item--has-swap="state.swap" role="listitem"> <div class="sc-product-line-item__content"> <div class="wp-block-group wp-container-content-9cfa9a5a"><div class="wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow"> <div class="wp-block-group is-nowrap is-layout-flex wp-container-core-group-is-layout-bd3f9bef wp-block-group-is-layout-flex"> <figure class="sc-cart-line-item-image-wrap wp-container-content-962be591 wp-duotone-unset-1" data-wp-bind--hidden="!context.line_item.image.src"> <img style="aspect-ratio:1;border-radius:4px;border-width:1px;margin-top:0;margin-bottom:0; margin-top:0;margin-bottom:0;" class="sc-is-covered wp-block-surecart-cart-line-item-image" data-wp-bind--alt="context.line_item.image.alt" data-wp-bind--srcset="context.line_item.image.srcset" data-wp-bind--sizes="context.line_item.image.sizes" data-wp-bind--src="context.line_item.image.src" loading="lazy" /> </figure> <div class="wp-block-group wp-container-content-9cfa9a5a is-vertical is-content-justification-stretch is-nowrap is-layout-flex wp-container-core-group-is-layout-a46423eb wp-block-group-is-layout-flex"> <div class="wp-block-group wp-container-content-9cfa9a5a is-content-justification-space-between is-nowrap is-layout-flex wp-container-core-group-is-layout-eb80f53d wp-block-group-is-layout-flex"> <div class="wp-block-group wp-container-content-9cfa9a5a"><div class="wp-block-group__inner-container is-layout-flow wp-container-core-group-is-layout-d6743c7d wp-block-group-is-layout-flow"> <a style="font-style:normal;font-weight:500;line-height:1.4;text-decoration:none;" class="wp-block-surecart-cart-line-item-title" data-wp-bind--href="state.lineItemPermalink"> <span data-wp-text="context.line_item.price.product.name"></span> </a> <div class="wp-block-group"><div class="wp-block-group__inner-container is-layout-flow wp-container-core-group-is-layout-d6743c7d wp-block-group-is-layout-flow"> <div style="font-size:14px;line-height:1.4;" class="wp-block-surecart-cart-line-item-price-name" data-wp-text="state.lineItemPriceName" data-wp-bind--hidden="!state.lineItemPriceName"></div> <div style="font-size:14px;line-height:1.4;" class="wp-block-surecart-cart-line-item-variant" data-wp-text="state.lineItemVariant" data-wp-bind--hidden="!state.lineItemVariant"></div> <div data-wp-interactive='{ "namespace": "surecart/line-item-note" }' style="font-size:14px;line-height:1.4;" class="wp-block-surecart-cart-line-item-note" data-wp-context='{}' data-wp-run="callbacks.init" data-wp-class--line-item-note--is-expanded="context.noteExpanded" data-wp-class--line-item-note--is-collapsible="context.showToggle" data-wp-bind--hidden="surecart/checkout::!state.lineItemNote" data-wp-on--click="actions.toggleNoteExpanded" data-wp-on--keydown="actions.toggleNoteExpanded" data-wp-bind--role="button" data-wp-bind--disabled="!context.showToggle" data-wp-bind--aria-expanded="context.noteExpanded" data-wp-bind--aria-label="Toggle note visibility" tabindex="0" > <div class="line-item-note__text" data-wp-text="surecart/checkout::state.lineItemNote" ></div> <span class="sc-icon" data-wp-class--sc-icon--rotated="context.noteExpanded" > <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewbox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <polyline points="6 9 12 15 18 9" /> </svg> </span> </div> </div></div> <div class="sc-product-line-item__purchasable-status wp-block-surecart-cart-line-item-status has-text-align-right" data-wp-text="context.line_item.purchasable_status_display" data-wp-bind--hidden="!context.line_item.purchasable_status_display" role="status" aria-live="polite" aria-atomic="true" > </div> </div></div> <div class="wp-block-group"><div class="wp-block-group__inner-container is-layout-flow wp-container-core-group-is-layout-d6743c7d wp-block-group-is-layout-flow"> <div class="wp-block-group is-content-justification-right is-nowrap is-layout-flex wp-container-core-group-is-layout-f8a47911 wp-block-group-is-layout-flex" style="line-height:1.4"> <div class="wp-block-surecart-cart-line-item-scratch-amount" data-wp-text="context.line_item.scratch_display_amount" data-wp-bind--hidden="!state.lineItemHasScratchAmount" ></div> <div style="font-style:normal;font-weight:500;" class="wp-block-surecart-cart-line-item-amount has-text-align-right" data-wp-text="context.line_item.subtotal_display_amount"></div> <div style="font-size:14px;" class="wp-block-surecart-cart-line-item-interval" data-wp-bind--hidden="!context.line_item.price.short_interval_text"> <span class="wp-block-surecart-cart-line-item-interval__interval" data-wp-bind--hidden="!context.line_item.price.short_interval_text" data-wp-text="context.line_item.price.short_interval_text" ></span> <span class="wp-block-surecart-cart-line-item-interval__count" data-wp-bind--hidden="!context.line_item.price.short_interval_count_text" data-wp-text="context.line_item.price.short_interval_count_text" ></span> </div> </div> <div class="wp-block-group"><div class="wp-block-group__inner-container is-layout-flow wp-container-core-group-is-layout-d6743c7d wp-block-group-is-layout-flow"> <div style="font-size:14px;" class="wp-block-surecart-cart-line-item-trial has-text-align-right" data-wp-bind--hidden="!context.line_item.price.trial_text" data-wp-text="context.line_item.price.trial_text" ></div> <template data-wp-each--fee="state.lineItemFees" data-wp-each-key="context.fee.id" > <div style="font-size:14px;" class="wp-block-surecart-cart-line-item-fees has-text-align-right"> <span style="font-size:14px;" class="wp-block-surecart-cart-line-item-fees has-text-align-right" data-wp-text="context.fee.display_amount" ></span> <span style="font-size:14px;" class="wp-block-surecart-cart-line-item-fees has-text-align-right" data-wp-text="context.fee.description" ></span> </div> </template> </div></div> </div></div> </div> <div class="wp-block-group is-content-justification-space-between is-nowrap is-layout-flex wp-container-core-group-is-layout-c0dd7891 wp-block-group-is-layout-flex"> <div class="wp-block-group wp-container-content-9cfa9a5a"><div class="wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow"><div class="sc-input-group sc-input-group-sm sc-quantity-selector wp-block-surecart-cart-line-item-quantity" data-wp-class--quantity--disabled="state.isQuantityDisabled" data-wp-bind--hidden="!state.isEditable" hidden="1"> <div class="sc-input-group-text sc-quantity-selector__decrease" role="button" tabindex="0" data-wp-on--click="surecart/checkout::actions.onQuantityDecrease" data-wp-on--keydown="surecart/checkout::actions.onQuantityDecrease" data-wp-bind--disabled="state.isQuantityDecreaseDisabled" data-wp-bind--aria-disabled="state.isQuantityDecreaseDisabled" data-wp-class--button--disabled="state.isQuantityDecreaseDisabled" aria-label="数量减少一个。." > <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewbox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="5" y1="12" x2="19" y2="12" /> </svg> </div> <input type="number" class="sc-form-control sc-quantity-selector__control" data-wp-bind--value="context.line_item.quantity" data-wp-on--change="surecart/checkout::actions.onQuantityChange" data-wp-bind--min="context.line_item.min" data-wp-bind--aria-valuemin="context.line_item.min" data-wp-bind--max="context.line_item.max" data-wp-bind--aria-valuemax="context.line_item.max" data-wp-bind--disabled="surecart/checkout::state.loading" step="1" autocomplete="off" role="spinbutton" /> <div class="sc-input-group-text sc-quantity-selector__increase" role="button" tabindex="0" data-wp-on--click="surecart/checkout::actions.onQuantityIncrease" data-wp-on--keydown="surecart/checkout::actions.onQuantityIncrease" data-wp-bind--disabled="state.isQuantityIncreaseDisabled" data-wp-bind--aria-disabled="state.isQuantityIncreaseDisabled" data-wp-class--button--disabled="state.isQuantityIncreaseDisabled" aria-label="数量增加一个。." > <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewbox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="12" y1="5" x2="12" y2="19" /> <line x1="5" y1="12" x2="19" y2="12" /> </svg> </div> </div> </div></div> <div class="wp-block-group is-vertical is-content-justification-right is-layout-flex wp-container-core-group-is-layout-4269a6fd wp-block-group-is-layout-flex"> <div style="font-size:14px;font-style:normal;font-weight:400;" class="wp-block-surecart-cart-line-item-remove" aria-label="移除商品" data-wp-on--click="surecart/checkout::actions.removeLineItem" data-wp-on--keydown="surecart/checkout::actions.removeLineItem" role="button" tabindex="0" > <svg class="wp-block-surecart-cart-line-item-remove__icon" xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewbox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="18" y1="6" x2="6" y2="18" /> <line x1="6" y1="6" x2="18" y2="18" /> </svg> <span class="wp-block-surecart-cart-line-item-remove__label"> 移除 </span> </div> </div> </div> </div> </div> </div></div> </div> <div class="sc-product-line-item__swap" data-wp-bind--hidden="!state.swap" hidden data-wp-on--click="actions.toggleSwap"> <div class="sc-product-line-item__swap-content"> <button type="button" class="sc-toggle" role="switch" aria-checked="false" data-wp-bind--aria-checked="context.line_item.swap" data-wp-class--sc-toggle--checked="context.line_item.swap"> <span class="sc-toggle__label">使用设置</span> <span aria-hidden="true" class="sc-toggle__knob"></span> </button> <span data-wp-text="state.swap.description"></span> </div> <div class="sc-product-line-item__swap-amount"> <span data-wp-text="state.swapDisplayAmount" class="sc-product-line-item__swap-amount-value"></span> <span data-wp-text="state.swapIntervalText" class="sc-product-line-item__swap-amount-interval"></span> <span data-wp-text="state.swapIntervalCountText" class="sc-product-line-item__swap-amount-interval-count"></span> </div> </div> </div> </template> </div> <div class="wp-block-group" style="border-top-color:#b0b0b069;border-top-width:1px;padding-top:2em;padding-right:2em;padding-bottom:2em;padding-left:2em"><div class="wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow"> <div class="wp-block-surecart-slide-out-cart-items-subtotal is-content-justification-space-between is-nowrap is-layout-flex wp-container-surecart-slide-out-cart-items-subtotal-is-layout-7351673c wp-block-surecart-slide-out-cart-items-subtotal-is-layout-flex"> <div class="wp-block-group"><div class="wp-block-group__inner-container is-layout-flow wp-container-core-group-is-layout-d6743c7d wp-block-group-is-layout-flow"> <p style="margin-top:0px;margin-bottom:0px;font-size:18px;font-style:normal;font-weight:500;line-height:1.4"> 小计</p> <p class="has-text-color has-link-color wp-elements-259a359c4f6cc8e462a71fb52c1b4088" style="color:var(--sc-input-help-text-color);font-size:14px;line-height:1.4">税费和运费在结账时计算</p> </div></div> <span style="font-size:18px;font-style:normal;font-weight:500;line-height:1.4;" class="wp-block-surecart-cart-subtotal-amount" data-wp-text="state.checkout.subtotal_display_amount"></span> </div> <div class="sc-cart-items-submit__wrapper" style="" > <div class="wp-block-button"> <a style="border-radius:4px;" class="wp-block-button__link wp-element-button sc-button__link wp-block-surecart-slide-out-cart-items-submit" href="https://wp-security.org/zh_cn/checkout/" data-wp-bind--disabled="state.loading" data-wp-class--sc-button__link--busy="state.loading" > <span class="sc-spinner" aria-hidden="false"></span> <span class="sc-button__link-text">结账</span> </a> </div> </div> </div></div> <div class="sc-block-ui" data-wp-bind--hidden="!state.loading" hidden></div> <!-- speak element --> <p id="a11y-speak-intro-text" class="a11y-speak-intro-text" style="position: absolute;margin: -1px;padding: 0;height: 1px;width: 1px;overflow: hidden;clip: rect(1px, 1px, 1px, 1px);-webkit-clip-path: inset(50%);clip-path: inset(50%);border: 0;word-wrap: normal !important;"></p> <div id="a11y-speak-assertive" class="a11y-speak-region" style="position: absolute;margin: -1px;padding: 0;height: 1px;width: 1px;overflow: hidden;clip: rect(1px, 1px, 1px, 1px);-webkit-clip-path: inset(50%);clip-path: inset(50%);border: 0;word-wrap: normal !important;" aria-live="assertive" aria-relevant="additions text" aria-atomic="true"> </div> <div id="a11y-speak-polite" class="a11y-speak-region" style="position: absolute;margin: -1px;padding: 0;height: 1px;width: 1px;overflow: hidden;clip: rect(1px, 1px, 1px, 1px);-webkit-clip-path: inset(50%);clip-path: inset(50%);border: 0;word-wrap: normal !important;" aria-live="polite" aria-relevant="additions text" aria-atomic="true"></div> </dialog> </div> <!-- Render floating cart icon --> <div data-wp-interactive='{ "namespace": "surecart/checkout" }' class="wp-block-surecart-cart-icon" data-wp-context='{"formId":131,"mode":"live"}' data-wp-on--click="surecart/cart::actions.toggle" data-wp-on--keydown="surecart/cart::actions.toggle" tabindex="0" role="button" data-wp-bind--hidden="!state.hasItems" hidden> <div class="wp-block-surecart-cart-icon__container"> <div class="wp-block-surecart-cart-icon__icon" aria-label="购物车按钮。."> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewbox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <path d="M6 2L3 6v14a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2V6l-3-4z" /> <line x1="3" y1="6" x2="21" y2="6" /> <path d="M16 10a4 4 0 0 1-8 0" /> </svg> </div> <span class="wp-block-surecart-cart-icon__count" data-wp-text="state.itemsCount" data-wp-bind--aria-label="state.itemsCountAriaLabel" >0</span> </div> </div><script src="https://wp-security.org/wp-includes/js/dist/url.min.js?ver=9e178c9516d1222dc834" id="wp-url-js"></script> <script src="https://wp-security.org/wp-includes/js/dist/hooks.min.js?ver=dd5603f07f9220ed27f1" id="wp-hooks-js"></script> <script src="https://wp-security.org/wp-includes/js/dist/i18n.min.js?ver=c26c3dc7bed366793375" id="wp-i18n-js"></script> <script id="wp-i18n-js-after"> wp.i18n.setLocaleData( { 'text direction\u0004ltr': [ 'ltr' ] } ); //# sourceURL=wp-i18n-js-after </script> <script id="wp-api-fetch-js-translations"> ( function( domain, translations ) { var localeData = translations.locale_data[ domain ] || translations.locale_data.messages; localeData[""].domain = domain; wp.i18n.setLocaleData( localeData, domain ); } )( "default", {"translation-revision-date":"2026-01-06 20:16:48+0000","generator":"GlotPress\/4.0.3","domain":"messages","locale_data":{"messages":{"":{"domain":"messages","plural-forms":"nplurals=1; plural=0;","lang":"zh_CN"},"Could not get a valid response from the server.":["\u65e0\u6cd5\u4ece\u670d\u52a1\u5668\u83b7\u53d6\u6709\u6548\u54cd\u5e94\u3002"],"Unable to connect. Please check your Internet connection.":["\u65e0\u6cd5\u8fde\u63a5\u3002\u8bf7\u68c0\u67e5\u60a8\u7684\u4e92\u8054\u7f51\u8fde\u63a5\u3002"],"Media upload failed. If this is a photo or a large image, please scale it down and try again.":["\u5a92\u4f53\u4e0a\u4f20\u5931\u8d25\u3002\u5982\u679c\u8fd9\u662f\u4e00\u5f20\u8f83\u5927\u7684\u7167\u7247\u6216\u56fe\u7247\uff0c\u8bf7\u5c06\u5176\u7f29\u5c0f\u5e76\u91cd\u65b0\u4e0a\u4f20\u3002"],"The response is not a valid JSON response.":["\u6b64\u54cd\u5e94\u4e0d\u662f\u5408\u6cd5\u7684 JSON \u54cd\u5e94\u3002"]}},"comment":{"reference":"wp-includes\/js\/dist\/api-fetch.js"}} ); //# sourceURL=wp-api-fetch-js-translations </script> <script src="https://wp-security.org/wp-includes/js/dist/api-fetch.min.js?ver=3a4d9af2b423048b0dee" id="wp-api-fetch-js"></script> <script id="wp-api-fetch-js-after"> wp.apiFetch.use( wp.apiFetch.createRootURLMiddleware( "https://wp-security.org/zh_cn/wp-json/" ) ); wp.apiFetch.nonceMiddleware = wp.apiFetch.createNonceMiddleware( "d7d4567522" ); wp.apiFetch.use( wp.apiFetch.nonceMiddleware ); wp.apiFetch.use( wp.apiFetch.mediaUploadMiddleware ); wp.apiFetch.nonceEndpoint = "https://wp-security.org/wp-admin/admin-ajax.php?action=rest-nonce"; //# sourceURL=wp-api-fetch-js-after </script> <script src="https://wp-security.org/wp-includes/js/dist/dom-ready.min.js?ver=f77871ff7694fffea381" id="wp-dom-ready-js"></script> <script id="wp-a11y-js-translations"> ( function( domain, translations ) { var localeData = translations.locale_data[ domain ] || translations.locale_data.messages; localeData[""].domain = domain; wp.i18n.setLocaleData( localeData, domain ); } )( "default", {"translation-revision-date":"2026-01-06 20:16:48+0000","generator":"GlotPress\/4.0.3","domain":"messages","locale_data":{"messages":{"":{"domain":"messages","plural-forms":"nplurals=1; plural=0;","lang":"zh_CN"},"Notifications":["\u901a\u77e5"]}},"comment":{"reference":"wp-includes\/js\/dist\/a11y.js"}} ); //# sourceURL=wp-a11y-js-translations </script> <script src="https://wp-security.org/wp-includes/js/dist/a11y.min.js?ver=cb460b4676c94bd228ed" id="wp-a11y-js"></script> <script id="trp-dynamic-translator-js-extra"> var trp_data = {"trp_custom_ajax_url":"https://wp-security.org/wp-content/plugins/translatepress-multilingual/includes/trp-ajax.php","trp_wp_ajax_url":"https://wp-security.org/wp-admin/admin-ajax.php","trp_language_to_query":"zh_CN","trp_original_language":"en_US","trp_current_language":"zh_CN","trp_skip_selectors":["[data-no-translation]","[data-no-dynamic-translation]","[data-trp-translate-id-innertext]","script","style","head","trp-span","translate-press","[data-trp-translate-id]","[data-trpgettextoriginal]","[data-trp-post-slug]"],"trp_base_selectors":["data-trp-translate-id","data-trpgettextoriginal","data-trp-post-slug"],"trp_attributes_selectors":{"text":{"accessor":"outertext","attribute":false},"block":{"accessor":"innertext","attribute":false},"image_src":{"selector":"img[src]","accessor":"src","attribute":true},"submit":{"selector":"input[type='submit'],input[type='button'], input[type='reset']","accessor":"value","attribute":true},"placeholder":{"selector":"input[placeholder],textarea[placeholder]","accessor":"placeholder","attribute":true},"title":{"selector":"[title]","accessor":"title","attribute":true},"a_href":{"selector":"a[href]","accessor":"href","attribute":true},"button":{"accessor":"outertext","attribute":false},"option":{"accessor":"innertext","attribute":false},"aria_label":{"selector":"[aria-label]","accessor":"aria-label","attribute":true},"video_src":{"selector":"video[src]","accessor":"src","attribute":true},"video_poster":{"selector":"video[poster]","accessor":"poster","attribute":true},"video_source_src":{"selector":"video source[src]","accessor":"src","attribute":true},"audio_src":{"selector":"audio[src]","accessor":"src","attribute":true},"audio_source_src":{"selector":"audio source[src]","accessor":"src","attribute":true},"picture_image_src":{"selector":"picture image[src]","accessor":"src","attribute":true},"picture_source_srcset":{"selector":"picture source[srcset]","accessor":"srcset","attribute":true}},"trp_attributes_accessors":["outertext","innertext","src","value","placeholder","title","href","aria-label","poster","srcset"],"gettranslationsnonceregular":"f99b9f10be","showdynamiccontentbeforetranslation":"","skip_strings_from_dynamic_translation":[],"skip_strings_from_dynamic_translation_for_substrings":{"href":["amazon-adsystem","googleads","g.doubleclick"]},"duplicate_detections_allowed":"100","trp_translate_numerals_opt":"no","trp_no_auto_translation_selectors":["[data-no-auto-translation]"]}; //# sourceURL=trp-dynamic-translator-js-extra </script> <script src="https://wp-security.org/wp-content/plugins/translatepress-multilingual/assets/js/trp-translate-dom-changes.js?ver=3.0.7" id="trp-dynamic-translator-js"></script> <script src="https://wp-security.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.1.4" id="swv-js"></script> <script id="contact-form-7-js-translations"> ( function( domain, translations ) { var localeData = translations.locale_data[ domain ] || translations.locale_data.messages; localeData[""].domain = domain; wp.i18n.setLocaleData( localeData, domain ); } )( "contact-form-7", {"translation-revision-date":"2024-09-10 17:33:27+0000","generator":"GlotPress\/4.0.3","domain":"messages","locale_data":{"messages":{"":{"domain":"messages","plural-forms":"nplurals=1; plural=0;","lang":"zh_CN"},"Error:":["\u62a5\u9519\uff1a"]}},"comment":{"reference":"includes\/js\/index.js"}} ); //# sourceURL=contact-form-7-js-translations </script> <script id="contact-form-7-js-before"> var wpcf7 = { "api": { "root": "https:\/\/wp-security.org\/zh_cn\/wp-json\/", "namespace": "contact-form-7\/v1" }, "cached": 1 }; //# sourceURL=contact-form-7-js-before </script> <script src="https://wp-security.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.1.4" id="contact-form-7-js"></script> <script id="disqus_count-js-extra"> var countVars = {"disqusShortname":"wp-security-org"}; //# sourceURL=disqus_count-js-extra </script> <script src="https://wp-security.org/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.1.4" id="disqus_count-js"></script> <script id="disqus_embed-js-extra"> var embedVars = {"disqusConfig":{"integration":"wordpress 3.1.4 6.9"},"disqusIdentifier":"1860 https://wp-security.org/uncategorized/community-security-alert-xss-in-wpematicocve202513031/","disqusShortname":"wp-security-org","disqusTitle":"Community Security Alert XSS in WPeMatico(CVE202513031)","disqusUrl":"https://wp-security.org/zh_cn/vulnerability-database/community-security-alert-xss-in-wpematicocve202513031/","postId":"1860"}; //# sourceURL=disqus_embed-js-extra </script> <script src="https://wp-security.org/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.1.4" id="disqus_embed-js"></script> <script src="https://wp-security.org/wp-content/plugins/powerkit/modules/basic-elements/public/js/public-powerkit-basic-elements.js?ver=4.0.0" id="powerkit-basic-elements-js"></script> <script src="https://wp-security.org/wp-content/plugins/canvas/components/justified-gallery/block/jquery.justifiedGallery.min.js?ver=2.5.1" id="justifiedgallery-js"></script> <script id="powerkit-justified-gallery-js-extra"> var powerkitJG = {"rtl":""}; //# sourceURL=powerkit-justified-gallery-js-extra </script> <script src="https://wp-security.org/wp-content/plugins/powerkit/modules/justified-gallery/public/js/public-powerkit-justified-gallery.js?ver=3.0.4" id="powerkit-justified-gallery-js"></script> <script src="https://wp-security.org/wp-includes/js/imagesloaded.min.js?ver=5.0.0" id="imagesloaded-js"></script> <script src="https://wp-security.org/wp-content/plugins/powerkit/modules/lightbox/public/js/glightbox.min.js?ver=3.0.4" id="glightbox-js"></script> <script id="powerkit-lightbox-js-extra"> var powerkit_lightbox_localize = {"text_previous":"Previous","text_next":"Next","text_close":"Close","text_loading":"Loading","text_counter":"of","single_image_selectors":".entry-content img,.single .post-media img","gallery_selectors":".wp-block-gallery,.gallery","exclude_selectors":".sight-portfolio-area","zoom_icon":"1"}; //# sourceURL=powerkit-lightbox-js-extra </script> <script src="https://wp-security.org/wp-content/plugins/powerkit/modules/lightbox/public/js/public-powerkit-lightbox.js?ver=3.0.4" id="powerkit-lightbox-js"></script> <script id="powerkit-opt-in-forms-js-extra"> var opt_in = {"ajax_url":"https://wp-security.org/wp-admin/admin-ajax.php","warning_privacy":"Please confirm that you agree with our policies.","is_admin":"","server_error":"Server error occurred. Please try again later."}; //# sourceURL=powerkit-opt-in-forms-js-extra </script> <script src="https://wp-security.org/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/public-powerkit-opt-in-forms.js?ver=3.0.4" id="powerkit-opt-in-forms-js"></script> <script async="async" defer="defer" src="//assets.pinterest.com/js/pinit.js?ver=6.9" id="powerkit-pinterest-js"></script> <script id="powerkit-pin-it-js-extra"> var powerkit_pinit_localize = {"image_selectors":".entry-content img","exclude_selectors":".cnvs-block-row,.cnvs-block-section,.cnvs-block-posts .entry-thumbnail,.cnvs-post-thumbnail,.pk-block-author,.pk-featured-categories img,.pk-inline-posts-container img,.pk-instagram-image,.pk-subscribe-image,.wp-block-cover,.pk-block-posts,.sight-portfolio-entry-link-page","only_hover":"1"}; //# sourceURL=powerkit-pin-it-js-extra </script> <script src="https://wp-security.org/wp-content/plugins/powerkit/modules/pinterest/public/js/public-powerkit-pin-it.js?ver=3.0.4" id="powerkit-pin-it-js"></script> <script src="https://wp-security.org/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/public-powerkit-scroll-to-top.js?ver=3.0.4" id="powerkit-scroll-to-top-js"></script> <script src="https://wp-security.org/wp-content/plugins/powerkit/modules/share-buttons/public/js/public-powerkit-share-buttons.js?ver=3.0.4" id="powerkit-share-buttons-js"></script> <script src="https://wp-security.org/wp-content/plugins/canvas/components/slider-gallery/block/flickity.pkgd.min.js?ver=2.5.1" id="flickity-js"></script> <script id="powerkit-slider-gallery-js-extra"> var powerkit_sg_flickity = {"page_info_sep":" of "}; //# sourceURL=powerkit-slider-gallery-js-extra </script> <script src="https://wp-security.org/wp-content/plugins/powerkit/modules/slider-gallery/public/js/public-powerkit-slider-gallery.js?ver=3.0.4" id="powerkit-slider-gallery-js"></script> <script id="powerkit-table-of-contents-js-extra"> var powerkit_toc_config = {"label_show":"Show","label_hide":"Hide"}; //# sourceURL=powerkit-table-of-contents-js-extra </script> <script src="https://wp-security.org/wp-content/plugins/powerkit/modules/table-of-contents/public/js/public-powerkit-table-of-contents.js?ver=3.0.4" id="powerkit-table-of-contents-js"></script> <script src="https://wp-security.org/wp-content/plugins/sight/render/js/jquery.magnific-popup.min.js?ver=1754493394" id="magnific-popup-js"></script> <script id="sight-block-script-js-extra"> var sight_lightbox_localize = {"text_previous":"Previous","text_next":"Next","text_close":"Close","text_loading":"Loading","text_counter":"of"}; //# sourceURL=sight-block-script-js-extra </script> <script src="https://wp-security.org/wp-content/plugins/sight/render/js/sight.js?ver=1754493394" id="sight-block-script-js"></script> <script src="https://wp-security.org/wp-content/plugins/canvas/components/posts/block-posts/colcade.js?ver=2.5.1" id="colcade-js"></script> <script src="https://wp-security.org/wp-content/themes/squaretype/js/ofi.min.js?ver=3.2.3" id="object-fit-images-js"></script> <script id="csco-scripts-js-extra"> var csco_mega_menu = {"rest_url":"https://wp-security.org/zh_cn/wp-json/csco/v1/menu-posts","current_lang":"","current_locale":"zh_CN"}; //# sourceURL=csco-scripts-js-extra </script> <script src="https://wp-security.org/wp-content/themes/squaretype/js/scripts.js?ver=3.1.1" id="csco-scripts-js"></script> <script src="https://wp-security.org/wp-includes/js/comment-reply.min.js?ver=6.9" id="comment-reply-js" async data-wp-strategy="async" fetchpriority="low"></script> <script id="wp-emoji-settings" type="application/json"> {"baseUrl":"https://s.w.org/images/core/emoji/17.0.2/72x72/","ext":".png","svgUrl":"https://s.w.org/images/core/emoji/17.0.2/svg/","svgExt":".svg","source":{"concatemoji":"https://wp-security.org/wp-includes/js/wp-emoji-release.min.js?ver=6.9"}} </script> <script type="module"> /*! This file is auto-generated */ const a=JSON.parse(document.getElementById("wp-emoji-settings").textContent),o=(window._wpemojiSettings=a,"wpEmojiSettingsSupports"),s=["flag","emoji"];function i(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function c(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data);e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0);const a=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data);return t.every((e,t)=>e===a[t])}function p(e,t){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var n=e.getImageData(16,16,1,1);for(let e=0;e<n.data.length;e++)if(0!==n.data[e])return!1;return!0}function u(e,t,n,a){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\udde8\ud83c\uddf6","\ud83c\udde8\u200b\ud83c\uddf6")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!a(e,"\ud83e\u1fac8")}return!1}function f(e,t,n,a){let r;const o=(r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):document.createElement("canvas")).getContext("2d",{willReadFrequently:!0}),s=(o.textBaseline="top",o.font="600 32px Arial",{});return e.forEach(e=>{s[e]=t(o,e,n,a)}),s}function r(e){var t=document.createElement("script");t.src=e,t.defer=!0,document.head.appendChild(t)}a.supports={everything:!0,everythingExceptFlag:!0},new Promise(t=>{let n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),c.toString(),p.toString()].join(",")+"));",a=new Blob([e],{type:"text/javascript"});const r=new Worker(URL.createObjectURL(a),{name:"wpTestEmojiSupports"});return void(r.onmessage=e=>{i(n=e.data),r.terminate(),t(n)})}catch(e){}i(n=f(s,u,c,p))}t(n)}).then(e=>{for(const n in e)a.supports[n]=e[n],a.supports.everything=a.supports.everything&&a.supports[n],"flag"!==n&&(a.supports.everythingExceptFlag=a.supports.everythingExceptFlag&&a.supports[n]);var t;a.supports.everythingExceptFlag=a.supports.everythingExceptFlag&&!a.supports.flag,a.supports.everything||((t=a.source||{}).concatemoji?r(t.concatemoji):t.wpemoji&&t.twemoji&&(r(t.twemoji),r(t.wpemoji)))}); //# sourceURL=https://wp-security.org/wp-includes/js/wp-emoji-loader.min.js </script> <!-- Usermaven - privacy-friendly analytics tool --> <script type="text/javascript"> (function () { window.usermaven = window.usermaven || (function () { (window.usermavenQ = window.usermavenQ || []).push(arguments); }) var t = document.createElement('script'), s = document.getElementsByTagName('script')[0]; t.defer = true; t.id = 'um-tracker'; t.setAttribute('data-tracking-host', 'https://u.wp-security.org'); t.setAttribute('data-key', 'UMZaYew9Sp'); t.setAttribute('data-autocapture', 'true'); t.setAttribute('data-randomize-url', 'true'); t.src = 'https://u.wp-security.org/lib.js'; s.parentNode.insertBefore(t, s); })(); </script> <!-- / Usermaven --> <nav class="trp-language-switcher trp-floating-switcher trp-ls-dropdown trp-switcher-position-bottom" style="--bg:#ffffffb2;--bg-hover:#0000000d;--text:#000000;--text-hover:#000000;--border:1px solid transparent;--border-radius:8px 8px 0px 0px;--flag-radius:2px;--flag-size:20px;--aspect-ratio:4/3;--font-size:16px;--switcher-width:auto;--switcher-padding:10px 0;--transition-duration:0.2s;--bottom:0px;--right:10vw" role="navigation" aria-label="网站语言选择器" data-no-translation > <div class="trp-language-switcher-inner"> <div class="trp-language-item trp-language-item__current" title="Chinese (China)" role="button" tabindex="0" aria-expanded="false" aria-label="Change language" aria-controls="trp-switcher-dropdown-list" data-no-translation><span class="trp-language-item-name">Chinese (China)</span></div> <div class="trp-switcher-dropdown-list" id="trp-switcher-dropdown-list" role="group" aria-label="可用语言" hidden inert > <a href="https://wp-security.org/vulnerability-database/community-security-alert-xss-in-wpematicocve202513031/" class="trp-language-item" title="English" data-no-translation><span class="trp-language-item-name">English</span></a> <a href="https://wp-security.org/zh/vulnerability-database/community-security-alert-xss-in-wpematicocve202513031/" class="trp-language-item" title="Chinese (Hong Kong)" data-no-translation><span class="trp-language-item-name">Chinese (Hong Kong)</span></a> <a href="https://wp-security.org/es/vulnerability-database/community-security-alert-xss-in-wpematicocve202513031/" class="trp-language-item" title="Spanish" data-no-translation><span class="trp-language-item-name">Spanish</span></a> <a href="https://wp-security.org/hi/vulnerability-database/community-security-alert-xss-in-wpematicocve202513031/" class="trp-language-item" title="Hindi" data-no-translation><span class="trp-language-item-name">Hindi</span></a> <a href="https://wp-security.org/fr/vulnerability-database/community-security-alert-xss-in-wpematicocve202513031/" class="trp-language-item" title="French" data-no-translation><span class="trp-language-item-name">French</span></a> </div> </div> </nav> <script type="text/javascript"> "use strict"; (function($) { $( window ).on( 'load', function() { // Each All Share boxes. $( '.pk-share-buttons-mode-rest' ).each( function() { var powerkitButtonsIds = [], powerkitButtonsBox = $( this ); // Check Counts. if ( ! powerkitButtonsBox.hasClass( 'pk-share-buttons-has-counts' ) && ! powerkitButtonsBox.hasClass( 'pk-share-buttons-has-total-counts' ) ) { return; } powerkitButtonsBox.find( '.pk-share-buttons-item' ).each( function() { if ( $( this ).attr( 'data-id' ).length > 0 ) { powerkitButtonsIds.push( $( this ).attr( 'data-id' ) ); } }); // Generate accounts data. var powerkitButtonsData = {}; if( powerkitButtonsIds.length > 0 ) { powerkitButtonsData = { 'ids' : powerkitButtonsIds.join(), 'post_id' : powerkitButtonsBox.attr( 'data-post-id' ), 'url' : powerkitButtonsBox.attr( 'data-share-url' ), }; } // Get results by REST API. $.ajax({ type: 'GET', url: 'https://wp-security.org/zh_cn/wp-json/social-share/v1/get-shares', data: powerkitButtonsData, beforeSend: function(){ // Add Loading Class. powerkitButtonsBox.addClass( 'pk-share-buttons-loading' ); }, success: function( response ) { if ( ! $.isEmptyObject( response ) && ! response.hasOwnProperty( 'code' ) ) { // Accounts loop. $.each( response, function( index, data ) { if ( index !== 'total_count' ) { // Find Bsa Item. var powerkitButtonsItem = powerkitButtonsBox.find( '.pk-share-buttons-item[data-id="' + index + '"]'); // Set Count. if ( data.hasOwnProperty( 'count' ) && data.count ) { powerkitButtonsItem.removeClass( 'pk-share-buttons-no-count' ).addClass( 'pk-share-buttons-item-count' ); powerkitButtonsItem.find( '.pk-share-buttons-count' ).html( data.count ); } else { powerkitButtonsItem.addClass( 'pk-share-buttons-no-count' ); } } }); if ( powerkitButtonsBox.hasClass( 'pk-share-buttons-has-total-counts' ) && response.hasOwnProperty( 'total_count' ) ) { var powerkitButtonsTotalBox = powerkitButtonsBox.find( '.pk-share-buttons-total' ); if ( response.total_count ) { powerkitButtonsTotalBox.find( '.pk-share-buttons-count' ).html( response.total_count ); powerkitButtonsTotalBox.show().removeClass( 'pk-share-buttons-total-no-count' ); } } } // Remove Loading Class. powerkitButtonsBox.removeClass( 'pk-share-buttons-loading' ); }, error: function() { // Remove Loading Class. powerkitButtonsBox.removeClass( 'pk-share-buttons-loading' ); } }); }); }); })(jQuery); </script> </body> </html> <!-- Performance optimized by Redis Object Cache. Learn more: https://wprediscache.com 使用 PhpRedis (v6.3.0) 从 Redis 检索了 10068 个对象 (1 MB)。 --><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script>