{"id":26985,"date":"2023-11-02T16:06:04","date_gmt":"2023-02-10T20:08:48","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/"},"modified":"2025-08-12T00:08:06","modified_gmt":"2025-08-11T16:08:06","slug":"%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/","title":{"rendered":"\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e"},"content":{"rendered":"

\u9996\u5148\u7531\u4e8e\u8eab\u4f53\u4e0d\u9002\uff0c\u6211\u5df2\u7ecf\u8fde\u7eed\u4e24\u5929\u65e0\u6cd5\u53d1\u5e03\u5e16\u5b50\uff0c\u611f\u5230\u5f88\u4e22\u8138\u3002\u5929\u6c14\u53d8\u5f97\u660e\u663e\u5bd2\u51b7\uff0c\u5e0c\u671b\u5927\u5bb6\u4e5f\u8981\u6ce8\u610f\u4e0d\u8981\u611f\u5192\uff0c\u8bf7\u5927\u5bb6\u4fdd\u91cd\u8eab\u4f53\u3002<\/p>\n
\u53c2\u4e0eSnyk Advent Calendar 2021\u7684\u6587\u7ae0\u662f\u4e00\u4e2a\u4e3a\u4e86\u5ba3\u4f20\u4ea7\u54c1\u800c\u521b\u5efa\u7684\u5723\u8bde\u65e5\u5386\u6d3b\u52a8\uff0c\u5728\u6b64\u6d3b\u52a8\u4e2d\uff0c\u6709\u4e09\u540d\u5e78\u8fd0\u7684Snyk\u5956\u5f97\u4e3b\u5c06\u83b7\u8d60\u4e00\u53f0\u6700\u65b0\u7684iPad 64GB Wi-Fi\u578b\u53f7\u548cApple Pencil\uff08\u7b2c2\u4ee3\uff09\u3002<\/p>\n

SnykSnyk\uff08\u601d\u7eaa\u5b50\uff09\u662f\u4e00\u5bb6\u603b\u90e8\u4f4d\u4e8e\u7f8e\u56fd\u6ce2\u58eb\u987f\u7684\u4e13\u6ce8\u4e8e\u4e91\u8ba1\u7b97\u7684\u7f51\u7edc\u5b89\u5168\u516c\u53f8\uff0c\u6210\u7acb\u4e8e2015\u5e74\u3002 \u57282021\u5e74\u7684\u300a\u798f\u5e03\u65af\u4e91\u7aef100\u5f3a\u300b\u4e2d\uff0cSnyk\u6392\u540d\u7b2c39\u4f4d\uff0c\u5176\u4f30\u503c\u57282021\u5e749\u6708\u98d9\u5347\u81f385\u4ebf\u7f8e\u5143\uff08\u5408934\u4ebf\u65e5\u5143\uff09\u3002\u4f3c\u4e4e\u6709\u8c37\u6b4c\u3001Salesforce\u3001Intuit\u3001Atlassian\u7b49\u516c\u53f8\u4f5c\u4e3a\u5176\u5ba2\u6237\u3002<\/p>\n

Note: The Chinese translation provided above is a direct translation of the original text. The company name “Snyk” is also left untranslated, as there is no widely used equivalent term in Chinese.<\/p>\n

Snyk\u7684\u8bcd\u6e90\u548c\u53d1\u97f3Snyk \u662f\u300c\u4f60\u73b0\u5728\u77e5\u9053\u300d\u7684\u7b80\u79f0\u3002<\/p>\n

\u521b\u4e1a\u8005\u4f3c\u4e4e\u662f\u4ee5\u201csneak\u201d\u8fd9\u4e2a\u53d1\u97f3\u6765\u8bfb\u7684\u3002<\/p>\n

\u6b64\u5916\uff0c\u5728\u5f00\u53d1\u56e2\u961f\u4e2d\u4f3c\u4e4e\u4e5f\u6709\u4eba\u5c06\u5176\u53d1\u97f3\u4e3a\u201cSnick\uff08\u65af\u5c3c\u514b\uff09\u201d\u3002\u201cSnick\u201d\u4e00\u8bcd\u6307\u7684\u662f\u94a5\u5319\u9501\u4e0a\u65f6\u53d1\u51fa\u7684\u5361\u55d2\u58f0\uff0c\u56e0\u4e3a\u8be5\u58f0\u97f3\u53ef\u4ee5\u589e\u52a0\u9501\u7684\u5b89\u5168\u6027\u3002<\/p>\n

\u4ea7\u54c1\u6839\u636e\u4ea7\u54c1\u6765\u770b\uff0c\u4f3c\u4e4e\u53ef\u4ee5\u5206\u4e3a\u4ee5\u4e0b\u56db\u4e2a\u3002<\/p>\n
\n
\u88fd\u54c1\u540d\u6982\u8981Snyk Open Source<\/a>\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u306e\u8106\u5f31\u6027\u3092\u898b\u3064\u3051\u3066\u81ea\u52d5\u7684\u306b\u4fee\u6b63\u3059\u308bSnyk Code<\/a>\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30b3\u30fc\u30c9\u306e\u8106\u5f31\u6027\u3092\u30ea\u30a2\u30eb\u30bf\u30a4\u30e0\u3067\u898b\u3064\u3051\u3066\u4fee\u6b63\u3059\u308bSnyk Container<\/a>\u30b3\u30f3\u30c6\u30ca\u30a4\u30e1\u30fc\u30b8\u3068 Kubernetes \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u3092\u898b\u3064\u3051\u3066\u4fee\u6b63\u3059\u308bSnyk Infrastructure as Code<\/a>Terraform\u3001CloudFormation\u3001Kubernetes\u3001ARM \u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u306e\u8a2d\u5b9a\u30df\u30b9\u3092\u898b\u3064\u3051\u3066\u4fee\u6b63\u3059\u308b<\/p>\n

\u65b9\u6848\u4ee5\u4e0b\u662f\u56db\u79cd\u8ba1\u5212\u9009\u62e9\uff1aFree\u3001Team\u3001Business\u548cEnterprise\u3002\u4ed8\u8d39\u8ba1\u5212\u9700\u8981\u67095\u540d\u5f00\u53d1\u8005\uff0c\u6bcf\u6708\u8d39\u7528\u4ece125\u7f8e\u5143\u8d77\uff0c\u53ef\u4ee5\u9009\u62e9Snyk Open Source\u6216Snyk Container\u5176\u4e2d\u4e4b\u4e00\u3002<\/p>\n

\u514d\u8d39\u8ba1\u5212\u514d\u8d39\u8ba1\u5212\u6709\u4ee5\u4e0b\u9650\u5236\u3002<\/p>\n
\n
\u30c6\u30b9\u30c8\u6708\u9593\u4e0a\u9650Snyk Open Source\u6708200\u56deSnyk Code\u6708100\u56deSnyk Container\u6708100\u56deSnyk Infrastructure as Code\u6708300\u56de<\/p>\n

\u6ce8\u518cSnyk \u662f\u4e00\u4e2a SaaS\uff08\u8f6f\u4ef6\u5373\u670d\u52a1\uff09\u5e73\u53f0\uff0c\u9700\u8981\u521b\u5efa\u8d26\u53f7\u624d\u80fd\u5f00\u59cb\u4f7f\u7528\u3002\u60a8\u53ef\u4ee5\u4f7f\u7528 GitHub\u3001Google\u3001Bitbucket\u3001Azure AD \u6216 Docker ID \u4e2d\u7684\u4efb\u4f55\u4e00\u4e2a\u8d26\u53f7\u8fdb\u884c\u521b\u5efa\u3002
\nhttps:\/\/app.snyk.io\/login<\/p>\n

\u63a5\u53e3Snyk\u7684\u754c\u9762\u5982\u4e0b\u6240\u793a\u3002<\/p>\n

Snyk – Web \u30d9\u30fc\u30b9<\/p>\n

Snyk CLI – \u30b3\u30de\u30f3\u30c9\u30e9\u30a4\u30f3\u30d9\u30fc\u30b9<\/p>\n

Snyk API – Business \u30d7\u30e9\u30f3\u304b Enterpirse \u30d7\u30e9\u30f3\u3067\u306e\u307f\u5229\u7528\u53ef\u80fd<\/p>\n

IDE plugins<\/p>\n

Snyk Vulnerability Scanner (JETBRAINS)<\/p>\n

Snyk Vulnerability Scanner (Visual Studio Code)<\/p>\n

Snyk Vulnerability Scanner (Visual Studio 2015, 2017, 2019)<\/p>\n

Snyk Security Scanner (ECLIPSE)<\/p>\n

Website Scanner – URL \u3092\u5165\u529b\u3057\u3066 Web \u30b5\u30a4\u30c8\u3092\u30aa\u30f3\u30e9\u30a4\u30f3\u3067\u691c\u67fb<\/p>\n

Snyk Vulnerability Database –<\/p>\n

Snyk Advisor –<\/p>\n

Snyk \u547d\u4ee4\u884c\u754c\u9762<\/p>\n

\u5b89\u88c5\u6839\u636e2021\u5e7412\u6708\u7684\u6700\u65b0\u6570\u636e\uff0cSnyk CLI\u53ef\u4ee5\u901a\u8fc7npm\u3001Yarn\u3001Homebrew\u3001Scoop\u3001Docker\u548c\u5355\u72ec\u7684\u53ef\u6267\u884c\u6587\u4ef6\u8fdb\u884c\u5b89\u88c5\u3002<\/p>\n

npm\u662f\u4e00\u4e2a\u5305\u7ba1\u7406\u5de5\u5177\u3002<\/p>\n
npm install <\/span>snyk@latest -g<\/span>\r\n<\/code><\/pre>\n
\u7ebf<\/p>\n
yarn global add snyk\r\n<\/code><\/pre>\n
\u81ea\u917f\u7684\u9152<\/p>\n
brew tap snyk\/tap &&<\/span> brew install <\/span>snyk\r\n<\/code><\/pre>\n
– \u5b89\u88dd snyk\/tap\uff0c\u8907\u88fd\u5230 ‘\/usr\/local\/Homebrew\/Library\/Taps\/snyk\/homebrew-tap’…
\n– \u9060\u7aef\uff1a\u6b63\u5728\u5217\u8209\u7269\u4ef6: 1960\u500b\uff0c\u5b8c\u6210\u3002
\n– \u9060\u7aef\uff1a\u6b63\u5728\u8a08\u6578\u7269\u4ef6: 100% (924\/924)\uff0c\u5b8c\u6210\u3002
\n– \u9060\u7aef\uff1a\u6b63\u5728\u58d3\u7e2e\u7269\u4ef6: 100% (704\/704)\uff0c\u5b8c\u6210\u3002
\n– \u9060\u7aef\uff1a\u7e3d\u5171 1960\u500b (\u5dee\u7570 315\u500b)\uff0c\u91cd\u8907\u4f7f\u7528 751\u500b (\u5dee\u7570 218\u500b)\uff0c\u91cd\u8907\u6253\u5305 1036\u500b
\n– \u63a5\u6536\u7269\u4ef6: 100% (1960\/1960)\uff0c265.65 KiB | 5.11 MiB\/s\uff0c\u5b8c\u6210\u3002
\n– \u89e3\u6790\u5dee\u7570: 100% (803\/803)\uff0c\u5b8c\u6210\u3002
\n– \u5b89\u88dd 2\u500b\u914d\u65b9 (20\u500b\u6587\u4ef6\uff0c330.8KB)\u3002
\n– \u4e0b\u8f09 https:\/\/static.snyk.io\/cli\/v1.797.0\/snyk-macos
\n– \u6b63\u5728\u5b89\u88dd snyk \u4f86\u81ea snyk\/tap
\n– \u88dd\u597d ? \/usr\/local\/Cellar\/snyk\/1.797.0: 3\u500b\u6587\u4ef6\uff0c52.7MB\uff0c\u5efa\u7acb\u65bc 4\u79d2\u5167\u3002
\n– \u57f7\u884c `brew cleanup snyk`…
\n– \u900f\u904e\u8a2d\u5b9a HOMEBREW_NO_INSTALL_CLEANUP \u4f86\u505c\u7528\u6b64\u884c\u70ba\u3002
\n– \u900f\u904e HOMEBREW_NO_ENV_HINTS \u4f86\u96b1\u85cf\u9019\u4e9b\u63d0\u793a (\u53c3\u8003 `man brew`)\u3002<\/details>\n
\u8200\u53d6<\/p>\n
scoop bucket add snyk https:\/\/github.com\/snyk\/scoop-snyk\r\nscoop install <\/span>snyk\r\n<\/code><\/pre>\n
\u8bf7\u5e2e\u52a9\u6211 w\u01d2)<\/p>\n
snyk --help<\/span>\r\n<\/code><\/pre>\n
Snyk CLI\r\n  Snyk CLI scans and monitors your projects for security vulnerabilities.\r\n  Visit https:\/\/snyk.io for more details.\r\n\r\nNot sure where to start?\r\n  1. Authenticate with snyk auth.\r\n  2. Test your local project with snyk test.\r\n  3. Get alerted for new vulnerabilities with snyk monitor.\r\n\r\nAvailable commands\r\n  To learn more about Snyk CLI use the --help option, e.g. snyk container --help or snyk auth --help\r\n  .\r\n\r\n  snyk auth\r\n    Authenticate Snyk CLI with a Snyk account.\r\n\r\n  snyk test\r\n    Test local project's dependencies for vulnerabilities.\r\n\r\n  snyk monitor\r\n    Snapshot and continuously monitor your project.\r\n\r\n  snyk container\r\n    Test container images for vulnerabilities.\r\n\r\n  snyk iac\r\n    Find security issues in your Infrastructure as Code files.\r\n\r\n  snyk code\r\n    Find security issues using static code analysis.\r\n\r\n  snyk config\r\n    Manage Snyk CLI configuration.\r\n\r\n  snyk protect\r\n    Applies the patches specified in your .snyk file to the local file system.\r\n\r\n  snyk policy\r\n    Display the .snyk policy for a package.\r\n\r\n  snyk ignore\r\n    Modifies the .snyk policy to ignore stated issues.\r\n\r\n  snyk wizard\r\n    Configure your .snyk policy file.\r\n<\/code><\/pre>\n
\u7248\u672c\u786e\u8ba4<\/p>\n
snyk --version<\/span>\r\n<\/code><\/pre>\n
\u67e5\u770b\u622a\u81f32021\u5e7412\u670820\u65e5\u7684\u7248\u672c\uff0c\u53d1\u73b0\u7248\u672c\u53f7\u4e3a1.797.0\u3002\uff08\u987a\u4fbf\u63d0\u4e00\u4e0b\uff0c\u4e4b\u540e\u572812\/20\u8fdb\u884c\u4e866\u6b21\u7248\u672c\u66f4\u65b0\u3002\uff09<\/p>\n
\u9a8c\u8bc1<\/p>\n
snyk auth\r\n<\/code><\/pre>\n
\u7ed3\u679c\u73b0\u5728\u5c06\u60a8\u91cd\u5b9a\u5411\u5230\u6211\u4eec\u7684\u6388\u6743\u9875\u9762\uff0c\u8bf7\u767b\u5f55\uff0c
\n\u4e00\u65e6\u6388\u6743\u5b8c\u6210\uff0c\u8bf7\u8fd4\u56de\u6b64\u63d0\u793a\uff0c\u5e76\u4e14\u60a8\u5c06\u53ef\u4ee5\u5f00\u59cb\u4f7f\u7528 Snyk\u3002<\/p>\n
\u5982\u679c\u60a8\u7b49\u4e0d\u53ca\uff0c\u8bf7\u4f7f\u7528\u6b64\u7f51\u5740\uff1a
\nhttps:\/\/snyk.io\/login?token=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx&utm_medium=cli&utm_source=cli&utm_campaign=HOMEBREW&os=darwin&docker=false<\/p>\n
\u60a8\u7684\u5e10\u53f7\u5df2\u901a\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u3002Snyk\u73b0\u5728\u53ef\u4ee5\u4f7f\u7528\u4e86\u3002<\/p>\n<\/details>\n
\u6267\u884c\u4e0a\u8ff0\u547d\u4ee4\u5c06\u81ea\u52a8\u542f\u52a8\u6d4f\u89c8\u5668\u3002<\/p>\n
\"Log-in-Snyk.png\"<\/p>\n
\u68c0\u67e5PHP\u5e94\u7528\u7a0b\u5e8f<\/p>\n
\u53ea\u9700\u8981\u4e00\u4e2a\u9009\u9879\uff1a\u5728\u4e2d\u56fd\u4eba\u6bcd\u8bed\u4e2d\u6539\u8ff0\u4ee5\u4e0b\u5185\u5bb9\uff1a\u652f\u6301\u7684PHP\u5305\u7ba1\u7406\u5de5\u5177<\/p>\n
\u5f00\u53d1\u8bed\u8a00
\n\u5305\u7ba1\u7406\u5668\/\u6784\u5efa\u5de5\u5177<\/p>\n
PHP
\nComposer<\/p><\/blockquote>\n
PHP \u652f\u6301\u7684\u6587\u4ef6\u6269\u5c55\u540d\u3002<\/p>\n
\u8bed\u8a00
\n\u6269\u5c55<\/p>\n
PHP
\nfcgi<\/p>\n
PHP
\nphp3<\/p>\n
PHP
\nphp4<\/p>\n
PHP
\nphp5<\/p>\n
PHP
\nphps<\/p>\n
PHP
\nphpt<\/p>\n
PHP
\ninc<\/p>\n
PHP
\naw<\/p>\n
PHP
\nphp<\/p>\n
PHP
\nctp<\/p><\/blockquote>\n
\u68c0\u67e5WordPress\u7684\u5f31\u70b9<\/p>\n
\u68c0\u67e5\u5305\u88c5<\/p>\n
mkdir <\/span>snyk &&<\/span> cd<\/span> $_<\/span>\r\ncomposer require johnpbloch\/wordpress-core-installer\r\ncomposer require johnpbloch\/wordpress-core\r\nsnyk test<\/span>\r\n<\/code><\/pre>\n
\u4f7f\u7528johnpbloch\/wordpress-core-installer\u7684\u7248\u672c^2.0
\n\u5df2\u521b\u5efa.\/composer.json\u6587\u4ef6
\n\u6b63\u5728\u8fd0\u884ccomposer update johnpbloch\/wordpress-core-installer
\n\u6b63\u5728\u52a0\u8f7d\u5305\u4fe1\u606f\u7684composer\u5b58\u50a8\u5e93
\n\u6b63\u5728\u66f4\u65b0\u4f9d\u8d56\u9879
\n\u9501\u5b9a\u6587\u4ef6\u64cd\u4f5c\uff1a1\u4e2a\u5b89\u88c5\u30010\u4e2a\u66f4\u65b0\u30010\u4e2a\u79fb\u9664
\n– \u9501\u5b9ajohnpbloch\/wordpress-core-installer\uff082.0.0\uff09
\n\u6b63\u5728\u5199\u5165\u9501\u5b9a\u6587\u4ef6
\n\u4ece\u9501\u5b9a\u6587\u4ef6\u4e2d\u5b89\u88c5\u4f9d\u8d56\u9879\uff08\u5305\u62ecrequire-dev\uff09
\n\u5305\u64cd\u4f5c\uff1a1\u4e2a\u5b89\u88c5\u30010\u4e2a\u66f4\u65b0\u30010\u4e2a\u79fb\u9664
\n– \u5b89\u88c5johnpbloch\/wordpress-core-installer\uff082.0.0\uff09\uff1a\u89e3\u538b\u5f52\u6863\u6587\u4ef6
\n\u751f\u6210\u81ea\u52a8\u52a0\u8f7d\u6587\u4ef6\u4f7f\u7528johnpbloch\/wordpress-core\u7684\u7248\u672c^5.8
\n\u5df2\u66f4\u65b0.\/composer.json\u6587\u4ef6
\n\u6b63\u5728\u8fd0\u884ccomposer update johnpbloch\/wordpress-core
\n\u6b63\u5728\u52a0\u8f7d\u5305\u4fe1\u606f\u7684composer\u5b58\u50a8\u5e93
\n\u6b63\u5728\u66f4\u65b0\u4f9d\u8d56\u9879
\n\u9501\u5b9a\u6587\u4ef6\u64cd\u4f5c\uff1a1\u4e2a\u5b89\u88c5\u30010\u4e2a\u66f4\u65b0\u30010\u4e2a\u79fb\u9664
\n– \u9501\u5b9ajohnpbloch\/wordpress-core\uff085.8.2\uff09
\n\u6b63\u5728\u5199\u5165\u9501\u5b9a\u6587\u4ef6
\n\u4ece\u9501\u5b9a\u6587\u4ef6\u4e2d\u5b89\u88c5\u4f9d\u8d56\u9879\uff08\u5305\u62ecrequire-dev\uff09
\n\u5305\u64cd\u4f5c\uff1a1\u4e2a\u5b89\u88c5\u30010\u4e2a\u66f4\u65b0\u30010\u4e2a\u79fb\u9664
\n– \u5b89\u88c5johnpbloch\/wordpress-core\uff085.8.2\uff09\uff1a\u89e3\u538b\u5f52\u6863\u6587\u4ef6
\n\u751f\u6210\u81ea\u52a8\u52a0\u8f7d\u6587\u4ef6<\/p>\n
\u6b63\u5728\u6d4b\u8bd5\/Users\/bezeklik\/Workspace\/snyk…<\/p>\n
\u7ec4\u7ec7\uff1abezeklik
\n\u8f6f\u4ef6\u5305\u7ba1\u7406\u5668\uff1acomposer
\n\u76ee\u6807\u6587\u4ef6\uff1acomposer.lock
\n\u9879\u76ee\u540d\u79f0\uff1asnyk
\n\u5f00\u6e90\uff1a\u5426
\n\u9879\u76ee\u8def\u5f84\uff1a\/Users\/bezeklik\/Workspace\/snyk
\n\u8bb8\u53ef\u8bc1\uff1a\u5df2\u542f\u7528<\/p>\n
\u2714 \u5bf95\u4e2a\u4f9d\u8d56\u9879\u8fdb\u884c\u4e86\u5df2\u77e5\u95ee\u9898\u6d4b\u8bd5\uff0c\u672a\u53d1\u73b0\u6613\u53d7\u653b\u51fb\u7684\u8def\u5f84\u3002<\/p>\n
\u4e0b\u4e00\u6b65\uff1a
\n– \u8fd0\u884c`snyk monitor`\u4ee5\u63a5\u6536\u6709\u5173\u65b0\u76f8\u5173\u6f0f\u6d1e\u7684\u901a\u77e5\u3002
\n– \u8fd0\u884c`snyk test`\u4f5c\u4e3a\u60a8\u7684CI\/\u6d4b\u8bd5\u7684\u4e00\u90e8\u5206\u3002<\/p>\n<\/details>\n
\u7531\u4e8e\u6700\u65b0\u7248\u672c\u7684 WordPress 5.8.2\uff0c\u56e0\u6b64\u6ca1\u6709\u68c0\u6d4b\u5230\u8f6f\u4ef6\u5305\u7684\u6f0f\u6d1e\u3002<\/p>\n
\u4ee3\u7801\u68c0\u67e5<\/p>\n
snyk code test<\/span>\r\n<\/code><\/pre>\n
\u7d50\u679cTesting \/Users\/bezeklik\/Workspace\/snyk …<\/p>\n
\u2717 [Low] XML External Entity (XXE) Injection
\nPath: wordpress\/wp-includes\/atomlib.php, line 173
\nInfo: Unsanitized input from data from a remote resource flows to xml_parse. This may result in an XXE vulnerability. You may be vulnerable if using an old version of PHP (<8.0)<\/p>\n
\u2717 [Medium] Open Redirect
\nPath: wordpress\/wp-includes\/js\/backbone.js, line 2032
\nInfo: Unsanitized input from the document location flows into replace, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.<\/p>\n
\u2717 [Medium] Open Redirect
\nPath: wordpress\/wp-admin\/js\/privacy-tools.js, line 91
\nInfo: Unsanitized input from data from a remote resource flows into window.location, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-login.php, line 672
\nInfo: setcookie has the Secure attribute set to false. Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Open Redirect
\nPath: wordpress\/wp-includes\/ms-settings.php, line 79
\nInfo: Unsanitized input from an HTTP header flows into header, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.<\/p>\n
\u2717 [Medium] Open Redirect
\nPath: wordpress\/wp-includes\/pluggable.php, line 1343
\nInfo: Unsanitized input from an HTTP header flows into header, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/comment.php, line 577
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/comment.php, line 578
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/comment.php, line 579
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1031
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1032
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1033
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1034
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1035
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1036
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1039
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1040
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1043
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1044
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1045
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1046
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1049
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1050
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1051
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1052
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/pluggable.php, line 1055
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/option.php, line 1274
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/class-wp-recovery-mode-cookie-service.php, line 62
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
\nPath: wordpress\/wp-includes\/class-wp-recovery-mode-cookie-service.php, line 63
\nInfo: setcookie misses the Secure attribute (it is false by default). Set it to true to protect the cookie from man-in-the-middle attacks.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-login.php, line 416
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-login.php, line 419
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-login.php, line 672
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/comment.php, line 577
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/comment.php, line 578
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/comment.php, line 579
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/comment.php, line 595
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/comment.php, line 596
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/comment.php, line 597
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1031
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1032
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1033
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1034
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1035
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1036
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1039
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1040
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1043
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1044
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1045
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1046
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1049
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1050
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1051
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1052
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/pluggable.php, line 1055
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/option.php, line 1097
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/option.php, line 1098
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/option.php, line 1274
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/class-wp-recovery-mode-cookie-service.php, line 62
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-includes\/class-wp-recovery-mode-cookie-service.php, line 63
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Sensitive Cookie Without ‘HttpOnly’ Flag
\nPath: wordpress\/wp-admin\/post.php, line 231
\nInfo: setcookie misses the HttpOnly attribute (it is false by default). Set it to true to protect the cookie from possible malicious code on client side.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/pluggable.php, line 2432
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/pluggable.php, line 2565
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/pluggable.php, line 2568
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/l10n.php, line 1105
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ms-files.php, line 59
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/dashboard.php, line 1155
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/dashboard.php, line 1256
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/dashboard.php, line 1765
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/plugin-install.php, line 246
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-snoopy.php, line 1218
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp.php, line 461
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/update-core.php, line 559
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/update-core.php, line 733
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-theme.php, line 217
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/class-wp-ms-themes-list-table.php, line 512
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-phpass.php, line 83
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-phpass.php, line 84
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-phpass.php, line 152
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-phpass.php, line 154
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/image.php, line 504
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/plugin.php, line 1338
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/rss.php, line 813
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Caption.php, line 120
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-text-diff-renderer-table.php, line 453
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-text-diff-renderer-table.php, line 454
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-text-diff-renderer-table.php, line 467
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-embed.php, line 232
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ms-site.php, line 965
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Copyright.php, line 92
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Cache\/Memcached.php, line 95
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ID3\/module.tag.apetag.php, line 314
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-term-query.php, line 740
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Author.php, line 102
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/schema.php, line 1078
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/cron.php, line 122
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/cron.php, line 302
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/cron.php, line 510
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/cron.php, line 600
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/cron.php, line 762
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/cron.php, line 1224
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ms-blogs.php, line 135
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ms-blogs.php, line 153
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ms-blogs.php, line 269
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Category.php, line 115
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-oembed-controller.php, line 174
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ms-functions.php, line 355
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ms-functions.php, line 374
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ms-functions.php, line 378
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ms-functions.php, line 788
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ms-functions.php, line 857
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ms-functions.php, line 2815
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-simplepie.php, line 736
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/rest-api\/endpoints\/class-wp-rest-pattern-directory-controller.php, line 125
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/misc.php, line 1347
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/misc.php, line 1451
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-pop3.php, line 190
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-comment-query.php, line 432
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-comment-query.php, line 999
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-site-query.php, line 339
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/upgrade.php, line 952
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Credit.php, line 101
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-network-query.php, line 248
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/file.php, line 518
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Restriction.php, line 101
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/import.php, line 143
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/bookmark.php, line 153
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Enclosure.php, line 271
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Source.php, line 73
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Item.php, line 116
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/PHPMailer\/SMTP.php, line 640
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/PHPMailer\/SMTP.php, line 648
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/default-constants.php, line 232
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/class-wp-community-events.php, line 315
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/class-wp-community-events.php, line 317
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/class-wp-plugins-list-table.php, line 951
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Cache\/Memcache.php, line 99
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/rest-api\/endpoints\/class-wp-rest-attachments-controller.php, line 1002
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/SimplePie\/Rating.php, line 92
\nInfo: MD5 hash (used in md5) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/pluggable.php, line 2566
\nInfo: SHA1 hash (used in sha1) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/pluggable.php, line 2567
\nInfo: SHA1 hash (used in sha1) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-recovery-mode-cookie-service.php, line 141
\nInfo: SHA1 hash (used in sha1) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-session-tokens.php, line 74
\nInfo: SHA1 hash (used in sha1) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/pluggable.php, line 2350
\nInfo: md5 hash (used in hash_hmac) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/pluggable.php, line 2373
\nInfo: md5 hash (used in hash_hmac) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/PHPMailer\/SMTP.php, line 627
\nInfo: md5 hash (used in hash_hmac) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ID3\/getid3.php, line 1669
\nInfo: MD5 hash (used in md5_file) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ID3\/getid3.php, line 1699
\nInfo: MD5 hash (used in md5_file) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/update-core.php, line 1120
\nInfo: MD5 hash (used in md5_file) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/update-core.php, line 1224
\nInfo: MD5 hash (used in md5_file) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/file.php, line 1258
\nInfo: MD5 hash (used in md5_file) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-admin\/includes\/class-core-upgrader.php, line 411
\nInfo: MD5 hash (used in md5_file) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/rest-api\/endpoints\/class-wp-rest-attachments-controller.php, line 1188
\nInfo: MD5 hash (used in md5_file) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/class-wp-recovery-mode-cookie-service.php, line 232
\nInfo: sha1 hash (used in hash_hmac) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ID3\/getid3.php, line 664
\nInfo: md5 hash (used in getHashdata) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ID3\/getid3.php, line 670
\nInfo: sha1 hash (used in getHashdata) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ID3\/getid3.php, line 1673
\nInfo: SHA1 hash (used in sha1_file) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [Medium] Use of Password Hash With Insufficient Computational Effort
\nPath: wordpress\/wp-includes\/ID3\/getid3.php, line 1703
\nInfo: SHA1 hash (used in sha1_file) is insecure. Consider changing it to a secure hashing algorithm.<\/p>\n
\u2717 [High] File Inclusion
\nPath: wordpress\/wp-includes\/blocks.php, line 99
\nInfo: Unsanitized input from data from a remote resource flows into _, where it is included dynamically. Allowing unvalidated user input to control files that are included dynamically in PHP can lead to malicious code execution.<\/p>\n
\u2717 [High] File Inclusion
\nPath: wordpress\/wp-includes\/ID3\/getid3.php, line 632
\nInfo: Unsanitized input from data from a remote resource flows into _, where it is included dynamically. Allowing unvalidated user input to control files that are included dynamically in PHP can lead to malicious code execution.<\/p>\n
\u2717 [High] File Inclusion
\nPath: wordpress\/wp-admin\/admin.php, line 291
\nInfo: Unsanitized input from an HTTP parameter flows into _, where it is included dynamically. Allowing unvalidated user input to control files that are included dynamically in PHP can lead to malicious code execution.<\/p>\n
\u2717 [High] File Inclusion
\nPath: wordpress\/wp-admin\/admin.php, line 293
\nInfo: Unsanitized input from an HTTP parameter flows into _, where it is included dynamically. Allowing unvalidated user input to control files that are included dynamically in PHP can lead to malicious code execution.<\/p>\n
\u2717 [High] File Inclusion
\nPath: wordpress\/wp-admin\/update.php, line 100
\nInfo: Unsanitized input from an HTTP parameter flows into _, where it is included dynamically. Allowing unvalidated user input to control files that are included dynamically in PHP can lead to malicious code execution.<\/p>\n
\u2717 [High] SQL Injection
\nPath: wordpress\/wp-admin\/includes\/class-wp-list-table.php, line 617
\nInfo: Unsanitized input from an HTTP parameter flows into prepare, where it is used in an SQL query. This may result in an SQL Injection vulnerability.<\/p>\n
\u2717 [High] SQL Injection
\nPath: wordpress\/wp-admin\/user-edit.php, line 108
\nInfo: Unsanitized input from an HTTP parameter flows into query, where it is used in an SQL query. This may result in an SQL Injection vulnerability.<\/p>\n
\u2717 [High] SQL Injection
\nPath: wordpress\/wp-admin\/user-edit.php, line 159
\nInfo: Unsanitized input from an HTTP parameter flows into query, where it is used in an SQL query. This may result in an SQL Injection vulnerability.<\/p>\n
\u2717 [High] SQL Injection
\nPath: wordpress\/wp-includes\/comment.php, line 1189
\nInfo: Unsanitized input from an HTTP parameter flows into query, where it is used in an SQL query. This may result in an SQL Injection vulnerability.<\/p>\n
\u2717 [High] SQL Injection
\nPath: wordpress\/wp-admin\/setup-config.php, line 317
\nInfo: Unsanitized input from an HTTP parameter flows into query, where it is used in an SQL query. This may result in an SQL Injection vulnerability.<\/p>\n
\u2717 [High] SQL Injection
\nPath: wordpress\/wp-includes\/comment.php, line 2933
\nInfo: Unsanitized input from the database flows into query, where it is used in an SQL query. This may result in an SQL Injection vulnerability.<\/p>\n
\u2717 [High] SQL Injection
\nPath: wordpress\/wp-includes\/comment.php, line 3128
\nInfo: Unsanitized input from the database flows into query, where it is used in an SQL query. This may result in an SQL Injection vulnerability.<\/p>\n
\u2717 [High] SQL Injection
\nPath: wordpress\/wp-includes\/comment.php, line 3129
\nInfo: Unsanitized input from the database flows into query, where it is used in an SQL query. This may result in an SQL Injection vulnerability.<\/p>\n
\u2717 [High] Server-Side Request Forgery (SSRF)
\nPath: wordpress\/wp-admin\/includes\/class-file-upload-upgrader.php, line 128
\nInfo: Unsanitized input from an HTTP parameter flows into unlink, where it is used as an URL to perform a request. This may result in a Server-Side Request Forgery vulnerability.<\/p>\n
\u2717 [High] Server-Side Request Forgery (SSRF)
\nPath: wordpress\/wp-includes\/class-wp-image-editor-gd.php, line 98
\nInfo: Unsanitized input from data from a remote resource flows into file_get_contents, where it is used as an URL to perform a request. This may result in a Server-Side Request Forgery vulnerability.<\/p>\n
\u2717 [High] Path Traversal
\nPath: wordpress\/wp-includes\/class-wp-image-editor-gd.php, line 98
\nInfo: Unsanitized input from data from a remote resource flows into file_get_contents, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.<\/p>\n
\u2717 [High] Path Traversal
\nPath: wordpress\/wp-admin\/includes\/class-file-upload-upgrader.php, line 128
\nInfo: Unsanitized input from an HTTP parameter flows into unlink, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to delete arbitrary files.<\/p>\n
\u2717 [High] Path Traversal
\nPath: wordpress\/wp-includes\/l10n.php, line 1169
\nInfo: Unsanitized input from an HTTP parameter flows into file_get_contents, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.<\/p>\n
\u2717 [High] Path Traversal
\nPath: wordpress\/wp-includes\/ms-files.php, line 87
\nInfo: Unsanitized input from an HTTP parameter flows into readfile, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to read arbitrary files.<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-login.php, line 221
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/user-edit.php, line 584
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/rest-api\/class-wp-rest-server.php, line 513
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-signup.php, line 116
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-signup.php, line 149
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-signup.php, line 261
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-signup.php, line 272
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-signup.php, line 278
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/media.php, line 2075
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/media.php, line 2346
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/media.php, line 2414
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/media.php, line 2592
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/media.php, line 2608
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/media.php, line 2740
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/media.php, line 2832
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/media.php, line 2902
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/network\/sites.php, line 388
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/class-wp-users-list-table.php, line 403
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/network\/site-info.php, line 171
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/install.php, line 432
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/nav-menus.php, line 720
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/nav-menus.php, line 1006
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/plugin-install.php, line 621
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/plugin-install.php, line 654
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/plugin-install.php, line 656
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/plugin-install.php, line 673
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/plugin-install.php, line 695
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/plugin-install.php, line 700
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/plugin-install.php, line 766
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/plugin-install.php, line 847
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/plugin-install.php, line 860
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/plugin-install.php, line 872
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/theme-editor.php, line 285
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/async-upload.php, line 67
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/async-upload.php, line 72
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/async-upload.php, line 88
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/async-upload.php, line 98
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/async-upload.php, line 155
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/widgets-form.php, line 302
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/blocks\/legacy-widget.php, line 119
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/load.php, line 1598
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/load.php, line 1605
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/authorize-application.php, line 140
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/network\/upgrade.php, line 124
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/network\/upgrade.php, line 128
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/comment-template.php, line 73
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/comment-template.php, line 254
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/comment-template.php, line 1028
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/comment-template.php, line 1974
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/comment-template.php, line 2704
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/plugins.php, line 641
\nInfo: Unsanitized input from an HTTP parameter flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/includes\/dashboard.php, line 1732
\nInfo: Unsanitized input from an HTTP header flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/js\/tinymce\/wp-tinymce.php, line 38
\nInfo: Unsanitized input from data from a remote resource flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/js\/tinymce\/wp-tinymce.php, line 41
\nInfo: Unsanitized input from data from a remote resource flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/js\/tinymce\/wp-tinymce.php, line 42
\nInfo: Unsanitized input from data from a remote resource flows into the echo statement, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).<\/p>\n
\u2717 [High] Regular Expression Denial of Service (ReDoS)
\nPath: wordpress\/wp-includes\/class-snoopy.php, line 322
\nInfo: Unsanitized user input from an HTTP parameter flows into preg_match, where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack (reDOS).<\/p>\n
\u2717 [High] Regular Expression Denial of Service (ReDoS)
\nPath: wordpress\/wp-includes\/class-snoopy.php, line 389
\nInfo: Unsanitized user input from an HTTP parameter flows into preg_match, where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack (reDOS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/nav-menu.js, line 1354
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/js\/plupload\/handlers.js, line 90
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/js\/plupload\/handlers.js, line 207
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/js\/plupload\/handlers.js, line 221
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/site-health.js, line 168
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/image-edit.js, line 540
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/image-edit.js, line 549
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/image-edit.js, line 557
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/image-edit.js, line 627
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/inline-edit-post.js, line 443
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/dashboard.js, line 151
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/inline-edit-tax.js, line 232
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/post.js, line 239
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/post.js, line 1019
\nInfo: Unsanitized input from data from a remote resource flows into html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-includes\/js\/plupload\/handlers.js, line 135
\nInfo: Unsanitized input from data from a remote resource flows into append, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/site-health.js, line 171
\nInfo: Unsanitized input from data from a remote resource flows into append, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/image-edit.js, line 483
\nInfo: Unsanitized input from data from a remote resource flows into append, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/post.js, line 68
\nInfo: Unsanitized input from data from a remote resource flows into append, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/tags.js, line 138
\nInfo: Unsanitized input from data from a remote resource flows into after, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/tags.js, line 155
\nInfo: Unsanitized input from data from a remote resource flows into after, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/tags-box.js, line 315
\nInfo: Unsanitized input from data from a remote resource flows into after, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/tags.js, line 141
\nInfo: Unsanitized input from data from a remote resource flows into prepend, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/inline-edit-post.js, line 432
\nInfo: Unsanitized input from data from a remote resource flows into before, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/inline-edit-tax.js, line 209
\nInfo: Unsanitized input from data from a remote resource flows into before, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/updates.js, line 2540
\nInfo: Unsanitized input from the document location flows into append, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/updates.js, line 2563
\nInfo: Unsanitized input from the document location flows into append, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/updates.js, line 2649
\nInfo: Unsanitized input from the document location flows into append, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Cross-site Scripting (XSS)
\nPath: wordpress\/wp-admin\/js\/updates.js, line 2547
\nInfo: Unsanitized input from the document location flows into prepend, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).<\/p>\n
\u2717 [High] Code Injection
\nPath: wordpress\/wp-includes\/js\/customize-preview.js, line 859
\nInfo: Unsanitized input from the document location flows into setInterval, where it is executed as JavaScript code. This may result in a Code Injection vulnerability.<\/p>\n
\u2714 Test completed<\/p>\n
Organization: undefined
\nTest type: Static code analysis
\nProject path: \/Users\/bezeklik\/Workspace\/snyk<\/p>\n
263 Code issues found
\n105 [High] 157 [Medium] 1 [Low]<\/p>\n<\/details>\n
\u5c3d\u7ba1\u6211\u8bd5\u7740\u8fdb\u884c\u4ee3\u7801\u68c0\u67e5\uff0c\u4f46\u4ee4\u4eba\u610f\u5916\u7684\u662f\uff0c\u5373\u4f7f\u662f\u6700\u65b0\u7248\u672c\uff0c\u4e5f\u53d1\u73b0\u4e86263\u4e2a\u95ee\u9898\u3002<\/p>\n
\u68c0\u6d4b\u53d7\u6b22\u8fce\u7684 PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u5f31\u70b9<\/p>\n
\u83b7\u53d6 GitHub \u4ed3\u5e93\u5217\u8868\u4e3a\u4e86\u68c0\u67e5\u76ee\u7684\uff0c\u6211\u4eec\u5c06\u4f7f\u7528GitHub Search API\u6765\u83b7\u53d6\u4e00\u4e9b\u4f7f\u7528PHP\u7f16\u5199\u7684\u5b58\u50a8\u5e93\u7684\u5217\u8868\uff0c\u5e76\u6309\u7167\u661f\u7ea7\u6392\u5e8f\u83b7\u53d6\u5927\u7ea650\u4e2a\u3002<\/p>\n
GITHUB_API<\/span>=<\/span>https:\/\/api.github.com\/search\/repositories\r\nLANGUAGE<\/span>=<\/span>php\r\nKEYWORD<\/span>=<\/span>''<\/span>\r\nSTARS<\/span>=<\/span>10000\r\ncurl --silent<\/span> \\<\/span>\r\n  --header<\/span> \"Accept: application\/vnd.github.v3+json\"<\/span> \\<\/span>\r\n  \"<\/span>${<\/span>GITHUB_API<\/span>}<\/span>?q=<\/span>${<\/span>KEYWORD<\/span>}<\/span>+in:name,description,readme+language:<\/span>${<\/span>LANGUAGE<\/span>}<\/span>+stars:>=<\/span>${<\/span>STARS<\/span>}<\/span>&sort=stars&order=desc&per_page=50\"<\/span> \\<\/span>\r\n  | jq --raw-output<\/span> '.items[] | [.full_name, .html_url, .language \/\/ \"-\", .stargazers_count] | @tsv'<\/span> \\<\/span>\r\n  | awk<\/span> '{printf(\"|%d|[%s](%s)|%s|%'<\/span>\"'\"<\/span>'d|\\n\", NR, $1, $2, $3, $4)}'<\/span>\r\n<\/code><\/pre>\n
\n
\u9806\u4f4d\u30ea\u30dd\u30b8\u30c8\u30ea\u8a00\u8a9e\u30b9\u30bf\u30fc\u65701laravel\/laravel<\/a>PHP67,7102danielmiessler\/SecLists<\/a>PHP35,9233blueimp\/jQuery-File-Upload<\/a>PHP31,0924fzaninotto\/Faker<\/a>PHP26,2715symfony\/symfony<\/a>PHP26,2296composer\/composer<\/a>PHP26,0007laravel\/framework<\/a>PHP25,6948guzzle\/guzzle<\/a>PHP21,3899DesignPatternsPHP\/DesignPatternsPHP<\/a>PHP20,16310Seldaek\/monolog<\/a>PHP19,37011bcit-ci\/CodeIgniter<\/a>PHP18,17312sebastianbergmann\/phpunit<\/a>PHP18,11213nextcloud\/server<\/a>PHP17,74414PHPMailer\/PHPMailer<\/a>PHP17,48915WordPress\/WordPress<\/a>PHP15,76416matomo-org\/matomo<\/a>PHP15,71317briannesbitt\/Carbon<\/a>PHP15,57018monicahq\/monica<\/a>PHP15,50919nikic\/PHP-Parser<\/a>PHP15,11220easychen\/howto-make-more-money<\/a>PHP14,93221erusev\/parsedown<\/a>PHP13,96422yiisoft\/yii2<\/a>PHP13,85323barryvdh\/laravel-debugbar<\/a>PHP13,49624koel\/koel<\/a>PHP13,11125getgrav\/grav<\/a>PHP13,07426filp\/whoops<\/a>PHP12,65227CachetHQ\/Cachet<\/a>PHP12,48128Intervention\/image<\/a>PHP12,30129thephpleague\/flysystem<\/a>PHP12,24130phacility\/phabricator<\/a>PHP12,22431flarum\/flarum<\/a>PHP12,19532barryvdh\/laravel-ide-helper<\/a>PHP11,90033vlucas\/phpdotenv<\/a>PHP11,65534roots\/sage<\/a>PHP11,53535PHPOffice\/PHPExcel<\/a>PHP11,47936ramsey\/uuid<\/a>PHP11,48037slimphp\/Slim<\/a>PHP11,17438the-control-group\/voyager<\/a>PHP10,80539octobercms\/october<\/a>PHP10,74140FriendsOfPHP\/PHP-CS-Fixer<\/a>PHP10,71141doctrine\/inflector<\/a>PHP10,67342PHPOffice\/PhpSpreadsheet<\/a>PHP10,63043phalcon\/cphalcon<\/a>PHP10,53544doctrine\/lexer<\/a>PHP10,51645egulias\/EmailValidator<\/a>PHP10,48746docker\/labs<\/a>PHP10,44747doctrine\/instantiator<\/a>PHP10,45748SpartnerNL\/Laravel-Excel<\/a>PHP10,42149tymondesigns\/jwt-auth<\/a>PHP10,31250z-song\/laravel-admin<\/a>PHP10,276<\/p>\n
GITHUB_API<\/span>=<\/span>https:\/\/api.github.com\/search\/repositories\r\nLANGUAGE<\/span>=<\/span>php\r\nKEYWORD<\/span>=<\/span>cms\r\nSTARS<\/span>=<\/span>900\r\ncurl --silent<\/span> \\<\/span>\r\n  --header<\/span> \"Accept: application\/vnd.github.v3+json\"<\/span> \\<\/span>\r\n  \"<\/span>${<\/span>GITHUB_API<\/span>}<\/span>?q=<\/span>${<\/span>KEYWORD<\/span>}<\/span>+in:name,description,readme+language:<\/span>${<\/span>LANGUAGE<\/span>}<\/span>+stars:>=<\/span>${<\/span>STARS<\/span>}<\/span>&sort=stars&order=desc&per_page=50\"<\/span> \\<\/span>\r\n  | jq --raw-output<\/span> '.items[] | [.full_name, .html_url, .language \/\/ \"-\", .stargazers_count] | @tsv'<\/span> \\<\/span>\r\n  | awk<\/span> '{printf(\"|%d|[%s](%s)|%s|%'<\/span>\"'\"<\/span>'d|\\n\", NR, $1, $2, $3, $4)}'<\/span>\r\n<\/code><\/pre>\n
\n
\u9806\u4f4d\u30ea\u30dd\u30b8\u30c8\u30ea\u8a00\u8a9e\u30b9\u30bf\u30fc\u65701laravel\/laravel<\/a>PHP67,7122erusev\/parsedown<\/a>PHP13,9643getgrav\/grav<\/a>PHP13,0744octobercms\/october<\/a>PHP10,7415serbanghita\/Mobile-Detect<\/a>PHP9,9006symfony\/http-kernel<\/a>PHP7,5517php-pm\/php-pm<\/a>PHP6,3588tijsverkoyen\/CssToInlineStyles<\/a>PHP5,5069pagekit\/pagekit<\/a>PHP5,45510bagisto\/bagisto<\/a>PHP4,14411bolt\/bolt<\/a>PHP4,13612joomla\/joomla-cms<\/a>PHP4,01213maximebf\/php-debugbar<\/a>PHP3,91514corcel\/corcel<\/a>PHP3,50815picocms\/Pico<\/a>PHP3,49516anchorcms\/anchor-cms<\/a>PHP3,35817pyrocms\/pyrocms<\/a>PHP3,08718craftcms\/cms<\/a>PHP2,71319antonioribeiro\/tracker<\/a>PHP2,63920area17\/twill<\/a>PHP2,54021BootstrapCMS\/CMS<\/a>PHP2,53122leokhoa\/laragon<\/a>PHP2,41923pimcore\/pimcore<\/a>PHP2,35424LavaLite\/cms<\/a>PHP2,34225helei112g\/payment<\/a>PHP2,29326microweber\/microweber<\/a>PHP2,22727Tuhinshubhra\/RED_HAWK<\/a>PHP1,90028oscarotero\/Embed<\/a>PHP1,80829rashidlaasri\/LaravelInstaller<\/a>PHP1,73530PHPCompatibility\/PHPCompatibility<\/a>PHP1,70531getsentry\/sentry-php<\/a>PHP1,59232statamic\/cms<\/a>PHP1,53133zorlan\/skycaiji<\/a>PHP1,51434fossasia\/phimpme-wordpress<\/a>PHP1,47735SecWiki\/CMS-Hunter<\/a>PHP1,47336nette\/tracy<\/a>PHP1,46137netz98\/n98-magerun<\/a>PHP1,43038lonnieezell\/Bonfire<\/a>PHP1,42739composer\/installers<\/a>PHP1,35040barbushin\/php-console<\/a>PHP1,34941bowu678\/php_bugs<\/a>PHP1,33942modxcms\/revolution<\/a>PHP1,25643hongriSec\/PHP-Audit-Labs<\/a>PHP1,18544forkcms\/forkcms<\/a>PHP1,13845magicblack\/maccms10<\/a>PHP1,13046cashmusic\/platform<\/a>PHP1,11947loklak\/loklak_php_api<\/a>PHP1,10648TypiCMS\/Base<\/a>PHP1,02449daylightstudio\/FUEL-CMS<\/a>PHP97950gantry\/gantry5<\/a>PHP946<\/p>\n
Snyk\uff08\u4f01\u4e1a\uff09\u662f\u4e00\u5bb6\u5f00\u53d1\u8005\u5b89\u5168\u9886\u57df\u7684\u516c\u53f8\u3002Salesforce\u548cAtlassian\u901a\u8fc7\u6295\u8d447500\u4e07\u7f8e\u5143\u8fdb\u4e00\u6b65\u52a0\u5f3a\u4e86\u5bf9Snyk\u7684\u652f\u6301\u3002\u5982\u679c\u4f60\u60f3\u77e5\u9053Snyk\u7684\u53d1\u97f3\uff0c\u53ef\u4ee5\u8bbf\u95ee\u4ed6\u4eec\u7684\u652f\u6301\u95e8\u6237\u7f51\u7ad9\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
\u9996\u5148\u7531\u4e8e\u8eab\u4f53\u4e0d\u9002\uff0c\u6211\u5df2\u7ecf\u8fde\u7eed\u4e24\u5929\u65e0\u6cd5\u53d1\u5e03\u5e16\u5b50\uff0c\u611f\u5230\u5f88\u4e22\u8138\u3002\u5929\u6c14\u53d8\u5f97\u660e\u663e\u5bd2\u51b7\uff0c\u5e0c\u671b\u5927\u5bb6\u4e5f\u8981\u6ce8\u610f\u4e0d\u8981\u611f\u5192\uff0c\u8bf7\u5927\u5bb6\u4fdd […]<\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[227],"class_list":["post-26985","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-227"],"yoast_head":"\n\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e - Blog - Silicon Cloud<\/title>\n<meta name=\"description\" content=\"\u5173\u4e8e\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\u7684\u6280\u672f\u6587\u7ae0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u5728\u65b0\u5174\u7684-snyk-\u5e73\u53f0\u4e0a\u68c0\u6d4b-php-\u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\u3002\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\" \/>\n<meta property=\"og:description\" content=\"\u5173\u4e8e\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\u7684\u6280\u672f\u6587\u7ae0\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u5728\u65b0\u5174\u7684-snyk-\u5e73\u53f0\u4e0a\u68c0\u6d4b-php-\u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\u3002\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-10T20:08:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-08-11T16:08:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657cf3e637434c4406ba6ddd\/48-0.png\" \/>\n<meta name=\"author\" content=\"\u6587, \u7fd4\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u6587, \u7fd4\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/\",\"name\":\"\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-02-10T20:08:48+00:00\",\"dateModified\":\"2025-08-11T16:08:06+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c\"},\"description\":\"\u5173\u4e8e\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\u7684\u6280\u672f\u6587\u7ae0\",\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c\",\"name\":\"\u6587, \u7fd4\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g\",\"caption\":\"\u6587, \u7fd4\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/wenxiang\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e - Blog - Silicon Cloud","description":"\u5173\u4e8e\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\u7684\u6280\u672f\u6587\u7ae0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u5728\u65b0\u5174\u7684-snyk-\u5e73\u53f0\u4e0a\u68c0\u6d4b-php-\u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\u3002\/","og_locale":"zh_CN","og_type":"article","og_title":"\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e","og_description":"\u5173\u4e8e\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\u7684\u6280\u672f\u6587\u7ae0","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u5728\u65b0\u5174\u7684-snyk-\u5e73\u53f0\u4e0a\u68c0\u6d4b-php-\u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\u3002\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-02-10T20:08:48+00:00","article_modified_time":"2025-08-11T16:08:06+00:00","og_image":[{"url":"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657cf3e637434c4406ba6ddd\/48-0.png"}],"author":"\u6587, \u7fd4","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u6587, \u7fd4","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"3 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/","name":"\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-02-10T20:08:48+00:00","dateModified":"2025-08-11T16:08:06+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c"},"description":"\u5173\u4e8e\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e\u7684\u6280\u672f\u6587\u7ae0","breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u5728\u65b0\u5174\u7684 Snyk \u5e73\u53f0\u4e0a\u68c0\u6d4b PHP \u5e94\u7528\u7a0b\u5e8f\u7684\u6f0f\u6d1e"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c","name":"\u6587, \u7fd4","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g","caption":"\u6587, \u7fd4"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/wenxiang\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%9c%a8%e6%96%b0%e5%85%b4%e7%9a%84-snyk-%e5%b9%b3%e5%8f%b0%e4%b8%8a%e6%a3%80%e6%b5%8b-php-%e5%ba%94%e7%94%a8%e7%a8%8b%e5%ba%8f%e7%9a%84%e6%bc%8f%e6%b4%9e%e3%80%82\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/26985","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=26985"}],"version-history":[{"count":3,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/26985\/revisions"}],"predecessor-version":[{"id":111053,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/26985\/revisions\/111053"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=26985"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=26985"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=26985"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}