快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352348
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-34290 |
Versa SASE Client for Windows 安全漏洞
|
HIGH | 8.5 | 2025-12-20 |
Versa Networks SASE Client for Windows
|
CVE NVD +1 | |
| CVE-2025-7782 |
WP JobHunt <= 7.7 - Missing Authorization to Authenticated (Candidate+) Stored Cross-Site Scripting via 'status'
|
HIGH | 7.6 | 2025-12-20 |
未知
|
CVE NVD | |
| CVE-2025-7733 |
WP JobHunt <= 7.7 - Authenticated (Candidate+) Insecure Direct Object Reference
|
MEDIUM | 4.3 | 2025-12-20 |
未知
|
CVE NVD | |
| CVE-2025-14298 |
FiboSearch – Ajax Search for WooCommerce <= 1.32.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via thegem_te_search Shortcode
|
MEDIUM | 5.4 | 2025-12-20 |
damian-gora FiboSearch – Ajax Search for WooCommerce
|
CVE NVD | |
| CVE-2025-12492 |
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.11.0 - Unauthenticated Sensitive Information Exposure
|
MEDIUM | 5.3 | 2025-12-20 |
ultimatemember Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
|
CVE NVD | |
| CVE-2025-13619 |
Flex Store Users <= 1.1.0 - Unauthenticated Privilege Escalation
|
CRITICAL | 9.8 | 2025-12-20 |
CMSSuperHeroes Flex Store Users
|
CVE NVD | |
| CVE-2025-12820 |
WordPress plugin Pure WC Variation Swatches 安全漏洞
|
MEDIUM | 5.3 | 2025-12-20 |
Unknown Pure WC Variation Swatches
|
CVE NVD +1 | |
| CVE-2025-13365 |
WP Hallo Welt <= 1.4. - Cross-Site Request Forgery to Stored Cross-Site Scripting
|
MEDIUM | 6.1 | 2025-12-20 |
tikolan WP Hallo Welt
|
CVE NVD | |
| CVE-2025-12581 |
Attachments Handler <= 1.1.7 - Reflected Cross-Site Scripting
|
MEDIUM | 6.1 | 2025-12-20 |
kaizencoders Attachments Handler
|
CVE NVD | |
| CVE-2025-13329 |
File Uploader for WooCommerce <= 1.0.3 - Unauthenticated Arbitrary File Upload via add-image-data
|
CRITICAL | 9.8 | 2025-12-20 |
snowray File Uploader for WooCommerce
|
CVE NVD | |
| CVE-2025-14168 |
WP DB Booster <= 1.0.1 - Cross-Site Request Forgery to Database Cleanup
|
MEDIUM | 4.3 | 2025-12-20 |
wpmaniax WP DB Booster
|
CVE NVD | |
| CVE-2025-13624 |
Overstock Affiliate Links <= 1.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
|
MEDIUM | 6.1 | 2025-12-20 |
travishoki Overstock Affiliate Links
|
CVE NVD | |
| CVE-2025-14633 |
F70 Lead Document Download <= 1.4.4 - Missing Authorization to Unauthenticated Arbitrary Media File Download
|
MEDIUM | 5.3 | 2025-12-20 |
niao70 F70 Lead Document Download
|
CVE NVD | |
| CVE-2025-14721 |
Responsive and Swipe slider <= 1.0.2 - Authenticated (Editor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 5.5 | 2025-12-20 |
mansoormunib RESPONSIVE AND SWIPE SLIDER!
|
CVE NVD | |
| CVE-2025-12898 |
Pretty Google Calendar <= 2.0.0 - Missing Authorization to Unauthenticated Google API Key Exposure
|
MEDIUM | 5.3 | 2025-12-20 |
lbell Pretty Google Calendar
|
CVE NVD | |
| CVE-2025-14734 |
Amazon affiliate lite Plugin <= 1.0.0 - Cross-Site Request Forgery to Plugin Settings Update
|
MEDIUM | 5.4 | 2025-12-20 |
nestornoe Amazon affiliate lite Plugin
|
CVE NVD | |
| CVE-2025-14164 |
Quran Gateway <= 1.5 - Cross-Site Request Forgery to Settings Update
|
MEDIUM | 4.3 | 2025-12-20 |
edckwt Quran Gateway
|
CVE NVD | |
| CVE-2025-14735 |
Amazon affiliate lite Plugin <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
|
MEDIUM | 4.4 | 2025-12-20 |
nestornoe Amazon affiliate lite Plugin
|
CVE NVD | |
| CVE-2025-14591 |
PII Leak Due to Change in EOR Handling
|
MEDIUM | 5.3 | 2025-12-20 |
Perforce Delphix Continuous Compliance
perforce delphix_continuous_compliance
|
CVE NVD | |
| CVE-2025-14300 |
Unauthenticated Access to connectAP API Endpoint on Tapo C200
|
HIGH | 8.7 | 2025-12-20 |
TP-Link Systems Inc. Tapo C200 V3
tp-link tapo_c200_firmware
+11个
|
CVE NVD |