解决:wordpress WPImageEditorImagick 指令注入漏洞

漏洞名称:wordpress WP_Image_Editor_Imagick 指令注入漏洞

在/wp-includes/media.php的_wp_image_editor_choose函数内部找到:

$implementations = apply_filters( 'wp_image_editors', array( 'WP_Image_Editor_Imagick' ,  'WP_Image_Editor_GD' ) );

  修改为

$implementations = apply_filters( 'wp_image_editors', array(  'WP_Image_Editor_GD' ,'WP_Image_Editor_Imagick' ) );

  完成。

posted @ 2016-06-29 09:42  SPAM  阅读(2181)  评论(0编辑  收藏  举报