快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352871
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-36754 |
Growatt ShineLan-X 安全漏洞
|
CRITICAL | 9.3 | 2025-12-13 |
Growatt ShineLan-X
|
CVE NVD +1 | |
| CVE-2025-36748 |
Growatt ShineLan-X 安全漏洞
|
HIGH | 8.4 | 2025-12-13 |
Growatt ShineLan-X
growatt shine_lan-x_firmware
|
CVE NVD +1 | |
| CVE-2025-36750 |
Growatt ShineLan-X 安全漏洞
|
HIGH | 8.5 | 2025-12-13 |
Growatt ShineLan-X
growatt shine_lan-x_firmware
|
CVE NVD +1 | |
| CVE-2025-36753 |
Growatt ShineLan-X 安全漏洞
|
HIGH | 8.6 | 2025-12-13 |
Growatt ShineLan-X
growatt shine_lan-x_firmware
|
CVE NVD +1 | |
| CVE-2025-36751 |
Growatt ShineLan-X 安全漏洞
|
CRITICAL | 9.4 | 2025-12-13 |
Growatt ShineLan-X
|
CVE NVD +1 | |
| CVE-2025-10289 |
Filter & Grids <= 3.2.0 - Unauthenticated SQL Injection
|
MEDIUM | 5.9 | 2025-12-13 |
wssoffice21 Filter & Grids
|
CVE NVD | |
| CVE-2025-8779 |
All-in-One Addons for Elementor – WidgetKit <= 2.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team and Countdown Widgets
|
MEDIUM | 6.4 | 2025-12-13 |
shamsbd71 All-in-One Addons for Elementor – WidgetKit
|
CVE NVD | |
| CVE-2025-9207 |
TI WooCommerce Wishlist <= 2.10.0 - Unauthenticated HTML Injection
|
MEDIUM | 5.3 | 2025-12-13 |
templateinvaders TI WooCommerce Wishlist
|
CVE NVD | |
| CVE-2025-10738 |
URL Shortener Plugin For WordPress <= 3.0.7 - Unauthenticated SQL Injection
|
CRITICAL | 9.8 | 2025-12-13 |
rupok98 URL Shortener Plugin For WordPress
|
CVE NVD | |
| CVE-2025-14586 |
TOTOLINK X5000R cstecgi.cgi snprintf os command injection
|
MEDIUM | 5.3 | 2025-12-13 |
TOTOLINK X5000R
totolink x5000r_firmware
|
CVE NVD | |
| CVE-2025-9116 |
WordPress plugin WPS Visitor Counter Plugin 安全漏洞
|
MEDIUM | 5.8 | 2025-12-13 |
Unknown WPS Visitor Counter Plugin
|
CVE NVD +1 | |
| CVE-2025-12362 |
myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program <= 2.9.7 - Missing Authorization to Unauthenticated Withdrawal Request Approval
|
MEDIUM | 5.3 | 2025-12-13 |
saadiqbal myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program.
|
CVE NVD | |
| CVE-2025-14446 |
Popup Builder <= 1.1.37 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Reset
|
MEDIUM | 6.5 | 2025-12-13 |
ghozylab Popup Builder
|
CVE NVD | |
| CVE-2025-11693 |
Export WP Page to Static HTML & PDF <= 4.3.4 - Unauthenticated Cookie Exposure via Log File
|
CRITICAL | 9.8 | 2025-12-13 |
recorp Export WP Pages to HTML & PDF – Simply Create a Static Website
|
CVE NVD | |
| CVE-2025-9488 |
Redux Framework <= 4.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter
|
MEDIUM | 6.4 | 2025-12-13 |
davidanderson Redux Framework
|
CVE NVD | |
| CVE-2025-12109 |
Header Footer Script Adder – Insert Code in Header, Body & Footer <= 2.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-12-13 |
mahethekiller Header Footer Script Adder – Insert Code in Header, Body & Footer
|
CVE NVD | |
| CVE-2025-13092 |
Devs CRM – Manage tasks, attendance and teams all together <= 1.1.8 - Unauthenticated Information Expsoure
|
MEDIUM | 5.3 | 2025-12-13 |
ajitdas Devs CRM – Manage tasks, attendance and teams all together
|
CVE NVD | |
| CVE-2025-14394 |
Popover Windows <= 1.2 - Cross-Site Request Forgery to Arbitrary Popover Configuration Update
|
MEDIUM | 4.3 | 2025-12-13 |
melodicmedia Popover Windows
|
CVE NVD | |
| CVE-2025-14365 |
Eyewear prescription form <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary WooCommerce Category Deletion
|
MEDIUM | 5.3 | 2025-12-13 |
dugudlabs Eyewear prescription form
|
CVE NVD | |
| CVE-2025-12077 |
WP to LinkedIn Auto Publish <= 1.9.8 - Reflected Cross-Site Scripting via PostMessage
|
MEDIUM | 6.1 | 2025-12-13 |
f1logic WP to LinkedIn Auto Publish
|
CVE NVD |