Vulnerability List 352999
CVE ID Title Severity CVSS Published Affected Products Data Source Actions
CVE-2025-14132
Category Dropdown List <= 1.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
MEDIUM 6.1 2025-12-12
pandikamal03 Category Dropdown List
CVE NVD
CVE-2025-13971
TWW Protein Calculator <= 1.0.24 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Header' Setting
MEDIUM 4.4 2025-12-12
thewellnessway TWW Protein Calculator
CVE NVD
CVE-2025-13906
WP Flot <= 0.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-12
ysh WP Flot
CVE NVD
CVE-2025-13988
评论小秘书 <= 1.3.2 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
MEDIUM 6.1 2025-12-12
thobian 评论小秘书
CVE NVD
CVE-2025-13966
Paypal Payment Shortcode <= 1.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'buttom_image' Shortcode Attribute
MEDIUM 6.4 2025-12-12
sonlamtn200 Paypal Payment Shortcode
CVE NVD
CVE-2025-13961
Data Visualizer <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-12
subhransu-sekhar Data Visualizer
CVE NVD
CVE-2025-13884
Hide Email Address <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-12
buntegiraffe Hide Email Address
CVE NVD
CVE-2025-14035
DebateMaster <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Color Options via 'debate' Shortcode
MEDIUM 4.4 2025-12-12
jeremybmerrill DebateMaster
CVE NVD
CVE-2025-13840
BUKAZU Search widget <= 3.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'shortcode' Shortcode Attribute
MEDIUM 6.4 2025-12-12
bobvanoorschot BUKAZU Search widget
CVE NVD
CVE-2025-13960
GPXpress <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-12
davidkeen GPXpress
CVE NVD
CVE-2025-13320
WP User Manager <= 2.9.12 - Authenticated (Subscriber+) Arbitrary File Deletion via 'current_user_avatar' Parameter
MEDIUM 6.8 2025-12-12
wpusermanager WP User Manager – User Profile Builder & Membership
CVE NVD
CVE-2025-13440
Premmerce Wishlist for WooCommerce <= 1.1.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wishlist Deletion
MEDIUM 5.3 2025-12-12
premmerce Premmerce Wishlist for WooCommerce
CVE NVD
CVE-2025-14392
Simple Theme Changer <= 1.0. - Missing Authorization to Plugin Settings Update via AJAX Actions
MEDIUM 4.3 2025-12-12
darendev Simple Theme Changer
CVE NVD
CVE-2025-14032
Bold Timeline Lite <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Parameter in 'bold_timeline_group' Shortcode
MEDIUM 6.4 2025-12-12
boldthemes Bold Timeline Lite
CVE NVD
CVE-2025-13969
Reviews Sorted <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'space' Shortcode Attribute
MEDIUM 6.4 2025-12-12
eurisko Reviews Sorted
CVE NVD
CVE-2025-14161
Truefy Embed <= 1.1.0 - Cross-Site Request Forgery to 'truefy_embed_options_update' Settings Update
MEDIUM 4.3 2025-12-12
truefy Truefy Embed
CVE NVD
CVE-2025-14354
Resource Library for Logged In Users <= 1.4 - Cross-Site Request Forgery to Multiple Administrative Actions
MEDIUM 4.3 2025-12-12
doubledome Resource Library for Logged In Users
CVE NVD
CVE-2025-14165
Kirim.Email WooCommerce Integration <= 1.2.9 - Cross-Site Request Forgery to Settings Update
MEDIUM 4.3 2025-12-12
developerke Kirim.Email WooCommerce Integration
CVE NVD
CVE-2025-13846
Easy Map Creator <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-12
qrevo Easy Map Creator
CVE NVD
CVE-2025-13363
IMAQ Core <= 1.2.1 - Cross-Site Request Forgery to URL Structure Update
MEDIUM 4.3 2025-12-12
imaqpress IMAQ CORE
CVE NVD