Hello, I think this is a more serious vulnerability.
As long as any one has the permission to edit Blog or Pages pages, of course, other interfaces also have similar problems.
The problem mainly occurs in the inc/core/lib/Templates.php, which is also some template format used in your footer and title
Hello, I think this is a more serious vulnerability. As long as any one has the permission to edit Blog or Pages pages, of course, other interfaces also have similar problems. The problem mainly occurs in the inc/core/lib/Templates.php, which is also some template format used in your footer and title
Below I will give the way to use it: 1、 Blog:
Preview it, use success:
2、Pages: Here I give another payload use:
Preview it, use success: