Vulnerability list 354145
| CVE ID | Title | Severity | CVSS | Published | Affected product | Data source |
|---|---|---|---|---|---|---|
| CVE-2025-13196 | Element Pack Addons for Elementor <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Street Map widget | MEDIUM | 5.4 | 2025-11-18 | bdthemes Element Pack Addons for Elementor | CVE, NVD |
| CVE-2025-4212 | Checkout Files Upload for WooCommerce <= 2.2.1 - Unauthenticated Stored Cross-Site Scripting | HIGH | 7.2 | 2025-11-18 | wpwham Checkout Files Upload for WooCommerce | CVE, NVD |
| CVE-2025-11734 | Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links <= 1.2.5 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Trashing | MEDIUM | 5.4 | 2025-11-18 | aioseo Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links | CVE, NVD |
| CVE-2025-40545 | SolarWinds Observability Self-Hosted Open Redirection Vulnerability | MEDIUM | 4.8 | 2025-11-18 | SolarWinds SolarWinds Observability Self-Hosted solarwinds observability_self-hosted | CVE, NVD |
| CVE-2025-26391 | SolarWinds Observability Self-Hosted XSS Vulnerability | MEDIUM | 5.4 | 2025-11-18 | SolarWinds SolarWinds Observability Self-Hosted solarwinds observability_self-hosted | CVE, NVD |
| CVE-2025-40549 | SolarWinds Serv-U Path Restriction Bypass Vulnerability | CRITICAL | 9.1 | 2025-11-18 | SolarWinds Serv-U solarwinds serv-u | CVE, NVD |
| CVE-2025-40548 | SolarWinds Serv-U Broken Access Control - Remote Code Execution Vulnerability | CRITICAL | 9.1 | 2025-11-18 | SolarWinds Serv-U solarwinds serv-u | CVE, NVD |
| CVE-2025-40547 | SolarWinds Serv-U Logic Abuse - Remote Code Execution Vulnerability | CRITICAL | 9.1 | 2025-11-18 | SolarWinds Serv-U solarwinds serv-u | CVE, NVD |
| CVE-2025-11868 | everviz <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | MEDIUM | 6.4 | 2025-11-18 | everviz everviz – Charts, Maps and Tables – Interactive and responsive | CVE, NVD |
| CVE-2025-12078 | ArtiBot Free Chat Bot for WebSites <= 1.1.7 - Reflected Cross-Site Scripting via PostMessage | MEDIUM | 6.1 | 2025-11-18 | artibot ArtiBot Free Chat Bot for WebSites | CVE, NVD |
| CVE-2025-12406 | Project Honey Pot Spam Trap <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting | MEDIUM | 6.1 | 2025-11-18 | awensley Project Honey Pot Spam Trap | CVE, NVD |
| CVE-2025-12961 | Download Panel <= 1.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Modification | MEDIUM | 4.3 | 2025-11-18 | arkadiykilesso Download Panel (Biggiko Team) | CVE, NVD |
| CVE-2025-13088 | Category and Product Woocommerce Tabs <= 1.0 - Authenticated (Contributor+) Local File Inclusion | HIGH | 8.8 | 2025-11-18 | ikhodal Category and Product Woocommerce Tabs | CVE, NVD |
| CVE-2025-12372 | The Permalinks Cascade <= 2.2 - Missing Authorization To Authenticated (Subscriber+) Plugin Settings Update | MEDIUM | 4.3 | 2025-11-18 | _luigi The Permalinks Cascade | CVE, NVD |
| CVE-2025-12775 | WP Dropzone <= 1.1.0 - Authenticated (Subscriber+) Arbitrary File Upload | HIGH | 8.8 | 2025-11-18 | nazsabuz WP Dropzone | CVE, NVD |
| CVE-2025-8609 | RTMKit Addons <= 1.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Repeater Block Attribute | MEDIUM | 6.4 | 2025-11-18 | rometheme RTMKit | CVE, NVD |
| CVE-2025-12173 | WP Admin Microblog <= 3.1.1 - Cross-Site Request Forgery to Message Creation | MEDIUM | 4.3 | 2025-11-18 | winkm89 WP Admin Microblog | CVE, NVD |
| CVE-2025-12937 | ACF Flexible Layouts Manager <= 1.1.6 - Missing Authorization to Unauthenticated Custom Field Update | MEDIUM | 6.5 | 2025-11-18 | valentinpellegrin ACF Flexible Layouts Manager | CVE, NVD |
| CVE-2025-8605 | Gutenify - Visual Site Builder Blocks & Site Templates <= 1.5.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Count Up block | MEDIUM | 6.4 | 2025-11-18 | codeyatri Gutenify – Visual Site Builder Blocks & Site Templates. | CVE, NVD |
| CVE-2025-12827 | Top Friends <= 0.3 - Cross-Site Request Forgery to Settings Update | MEDIUM | 4.3 | 2025-11-18 | denishua Top Friends | CVE, NVD |