快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 340282
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-12672 |
Flickr Show <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
nuvuscripts Flickr Show
|
CVE NVD | |
| CVE-2025-11997 |
Document Pro Elementor – Documentation & Knowledge Base <= 1.0.9 - Unauthenticated Information Exposure
|
MEDIUM | 5.3 | 2025-11-11 |
ngothoai Document Pro Elementor – Documentation & Knowledge Base
|
CVE NVD | |
| CVE-2025-11451 |
Auto Amazon Links – Amazon Associates Affiliate Plugin <= 5.4.3 - Unauthenticated Arbitrary File Read
|
HIGH | 7.5 | 2025-11-11 |
miunosoft Auto Amazon Links – Amazon Associates Affiliate Plugin
|
CVE NVD | |
| CVE-2025-12010 |
Authors List <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in Plugin's Shortcode
|
MEDIUM | 6.5 | 2025-11-11 |
wpkube Authors List
|
CVE NVD | |
| CVE-2025-12754 |
Geopost <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
rampantlogic Geopost
|
CVE NVD | |
| CVE-2025-11805 |
Skip to Timestamp <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
doytch Skip to Timestamp
|
CVE NVD | |
| CVE-2025-12644 |
Nonaki – Drag and Drop Email Template builder and Newsletter plugin for WordPress <= 1.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Fields
|
MEDIUM | 6.4 | 2025-11-11 |
wpcox Nonaki – Drag and Drop Email Template builder and Newsletter plugin for WordPress
|
CVE NVD | |
| CVE-2025-11886 |
CTL Arcade Lite <= 1.0 - Cross-Site Request Forgery to Plugin Activation and Deactivation
|
MEDIUM | 4.3 | 2025-11-11 |
codethislab CTL Arcade Lite
|
CVE NVD | |
| CVE-2025-12632 |
RandomQuotr <= 1.0.4 - Authenticated (Admin+) Stored Cross-Site Scripting
|
MEDIUM | 5.5 | 2025-11-11 |
loveless RandomQuotr
|
CVE NVD | |
| CVE-2025-12538 |
Fleet Manager <= 2.5.1 - Authenticated (Editor+) Stored Cross-Site Scripting
|
MEDIUM | 4.4 | 2025-11-11 |
iworks Fleet Manager
|
CVE NVD | |
| CVE-2025-12880 |
Progress Bar Blocks for Gutenberg <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG
|
MEDIUM | 5.4 | 2025-11-11 |
jobayer534 Progress Bar Blocks for Gutenberg
|
CVE NVD | |
| CVE-2025-11996 |
Find Unused Images <= 1.0.7 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion
|
MEDIUM | 5.3 | 2025-11-11 |
toastwebsites Find Unused Images
|
CVE NVD | |
| CVE-2025-11863 |
My Geo Posts Free <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
mindstien My Geo Posts Free
|
CVE NVD | |
| CVE-2025-11988 |
Crypto Tool <= 2.22 - Missing Authentication to Unauthenticated Limited File Deletion
|
MEDIUM | 5.3 | 2025-11-11 |
odude Crypto Tool
|
CVE NVD | |
| CVE-2025-11829 |
Five9 Live Chat <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
five9 Five9 Live Chat
|
CVE NVD | |
| CVE-2025-12652 |
Ungapped Widgets <= 1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
oscaruribe Ungapped Widgets
|
CVE NVD | |
| CVE-2025-11168 |
Mementor Core <= 2.2.5 - Authenticated (Subscriber+) Privilege Escalation
|
HIGH | 8.8 | 2025-11-11 |
mvirik Mementor Core
|
CVE NVD | |
| CVE-2025-11873 |
WP BBCode <= 1.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
eflyjason WP BBCode
|
CVE NVD | |
| CVE-2025-11874 |
Slippy Slider – Responsive Touch Navigation Slider <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 5.4 | 2025-11-11 |
mitegvg Slippy Slider – Responsive Touch Navigation Slider
|
CVE NVD | |
| CVE-2025-11891 |
Shelf Planner <= 2.7.0 - Unauthenticated Information Exposure via Log Files
|
MEDIUM | 5.3 | 2025-11-11 |
shelfplanner Shelf Planner
|
CVE NVD |