漏洞列表 - 漏洞数据展示平台

快速搜索提示： 按厂商查询（如：microsoft）| 按产品查询（如：microsoft sql_server）

搜索关键词支持模糊搜索，但速度较慢

严重程度

数据源

排序

常用厂商： microsoft cisco google apple oracle

示例： microsoft sql_server cisco ios apache http_server

漏洞列表 354145

CVE ID	标题	严重程度	CVSS	发布时间	受影响产品	数据源
CVE-2025-12545	Pixel Manager for WooCommerce – Track Conversions and Analytics, Google Ads, TikTok and more <= 1.49.2 - Unauthenticated Information Exposure	MEDIUM	5.3	2025-11-18	alekv Pixel Manager for WooCommerce – Track Conversions and Analytics, Google Ads, TikTok and more	CVE NVD
CVE-2025-12376	Icon List Block – Add Icon-Based Lists with Custom Styles <= 1.2.1 - Authenticated (Subscriber+) Server-Side Request Forgery	MEDIUM	6.4	2025-11-18	bplugins Icon List Block – Add Icon-Based Lists with Custom Styles	CVE NVD
CVE-2025-59116	User enumeration in Windu CMS	MEDIUM	6.9	2025-11-18	JCD Windu CMS windu windu_cms	CVE NVD
CVE-2025-59111	Broken Access Control in Windu CMS	MEDIUM	6.9	2025-11-18	JCD Windu CMS windu windu_cms	CVE NVD
CVE-2025-59117	Multiple Stored XSS in Windu CMS	MEDIUM	4.8	2025-11-18	JCD Windu CMS windu windu_cms	CVE NVD
CVE-2025-59115	Stored XSS in Windu CMS	MEDIUM	5.3	2025-11-18	JCD Windu CMS windu windu_cms	CVE NVD
CVE-2025-59114	Cross-Site Request Forgery in Windu CMS	MEDIUM	5.1	2025-11-18	JCD Windu CMS windu windu_cms	CVE NVD
CVE-2025-59113	Bruteforce Protection Bypass in Windu CMS	MEDIUM	6.9	2025-11-18	JCD Windu CMS windu windu_cms	CVE NVD
CVE-2025-59112	Cross-Site Request Forgery in Windu CMS	MEDIUM	5.1	2025-11-18	JCD Windu CMS windu windu_cms	CVE NVD
CVE-2025-59110	Cross-Site Request Forgery in Windu CMS	MEDIUM	6.8	2025-11-18	JCD Windu CMS windu windu_cms	CVE NVD
CVE-2025-13347	SourceCodester Train Station Ticketing System ajax.php sql injection	MEDIUM	5.3	2025-11-18	SourceCodester Train Station Ticketing System oretnom23 train_station_ticketing_system	CVE NVD
CVE-2025-13346	SourceCodester Train Station Ticketing System ajax.php sql injection	MEDIUM	5.3	2025-11-18	SourceCodester Train Station Ticketing System oretnom23 train_station_ticketing_system	CVE NVD
CVE-2025-8084	AI Engine <= 3.1.8 - Authenticated (Editor+) Server-Side Request Forgery	MEDIUM	6.8	2025-11-18	tigroumeow AI Engine	CVE NVD
CVE-2025-9312	Improper Certificate-Based Authentication Enforcement in Multiple WSO2 Products	CRITICAL	9.8	2025-11-18	WSO2 WSO2 API Manager WSO2 WSO2 API Control Plane +52个	CVE NVD
CVE-2025-13345	SourceCodester Train Station Ticketing System ajax.php sql injection	MEDIUM	5.3	2025-11-18	SourceCodester Train Station Ticketing System oretnom23 train_station_ticketing_system	CVE NVD
CVE-2025-13344	SourceCodester Train Station Ticketing System ajax.php sql injection	MEDIUM	6.9	2025-11-18	SourceCodester Train Station Ticketing System oretnom23 train_station_ticketing_system	CVE NVD
CVE-2025-13343	SourceCodester Interview Management System editQuestion.php cross site scripting	MEDIUM	5.1	2025-11-18	SourceCodester Interview Management System janobe interview_management_system	CVE NVD
CVE-2025-6670	Cross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin Services	HIGH	8.8	2025-11-18	WSO2 WSO2 Open Banking AM WSO2 WSO2 Open Banking IAM +35个	CVE NVD
CVE-2025-41350	Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este	MEDIUM	5.1	2025-11-18	Informática del Este WinPlus iest winplus	CVE NVD
CVE-2025-41349	Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este	MEDIUM	5.1	2025-11-18	Informática del Este WinPlus iest winplus	CVE NVD

耗时统计

总耗时:	254.24 ms
构建查询耗时:	0.0 ms
统计耗时:	243.81 ms
获取数据耗时:	9.69 ms
数据转换耗时:	0.74 ms

数据统计

匹配文档数:	354145
返回文档数:	20
当前页码:	596
每页数量:	20
跳过记录数:	11900

查询详情

查询集合:	`uni_vulnerabilities`
使用过滤器:	否
搜索关键词:	-
严重程度:	-
数据源:	-
效率分析:	良好查询速度正常

优化建议：

匹配文档数量很大（354145），建议使用更精确的搜索条件
当前未使用任何过滤条件，查询全部数据可能较慢

漏洞列表 354145

参考链接