快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 354228
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-12377 |
Gallery Plugin for WordPress – Envira Photo Gallery <= 1.12.0 - Missing Authorization to Authenticated (Author+) Multiple Gallery Actions
|
MEDIUM | 4.3 | 2025-11-13 |
smub Gallery Plugin for WordPress – Envira Photo Gallery
|
CVE NVD | |
| CVE-2025-64384 |
WordPress JetFormBuilder plugin <= 3.5.3 - Broken Access Control vulnerability
|
MEDIUM | 6.3 | 2025-11-13 |
jetmonsters JetFormBuilder
|
CVE NVD | |
| CVE-2025-64383 |
WordPress Qi Blocks plugin <= 1.4.3 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
Qode Qi Blocks
|
CVE NVD | |
| CVE-2025-64382 |
WordPress Order Export & Order Import for WooCommerce plugin <= 2.6.7 - Broken Access Control vulnerability
|
MEDIUM | 4.3 | 2025-11-13 |
WebToffee Order Export & Order Import for WooCommerce
|
CVE NVD | |
| CVE-2025-64381 |
WordPress Booking Calendar plugin <= 10.14.7 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
wpdevelop Booking Calendar
|
CVE NVD | |
| CVE-2025-64380 |
WordPress Booster for WooCommerce plugin <= 7.3.2 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
Pluggabl Booster for WooCommerce
booster booster_for_woocommerce
|
CVE NVD | |
| CVE-2025-64379 |
WordPress Booster for WooCommerce plugin <= 7.4.0 - Broken Access Control vulnerability
|
MEDIUM | 4.3 | 2025-11-13 |
Pluggabl Booster for WooCommerce
booster booster_for_woocommerce
|
CVE NVD | |
| CVE-2025-64370 |
WordPress YOP Poll plugin <= 6.5.38 - Broken Access Control vulnerability
|
MEDIUM | 5.3 | 2025-11-13 |
YOP YOP Poll
|
CVE NVD | |
| CVE-2025-64369 |
WordPress Contact Form Email plugin <= 1.3.58 - Broken Access Control vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
codepeople Contact Form Email
|
CVE NVD | |
| CVE-2025-64292 |
WordPress Analytics Germanized for Google Analytics plugin <= 1.6.2 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 5.4 | 2025-11-13 |
PascalBajorat Analytics Germanized for Google Analytics
|
CVE NVD | |
| CVE-2025-64277 |
WordPress ChatBot plugin <= 7.3.9 - Broken Access Control vulnerability
|
MEDIUM | 5.3 | 2025-11-13 |
QuantumCloud ChatBot
|
CVE NVD | |
| CVE-2025-64276 |
WordPress Survey Maker plugin <= 5.1.9.4 - Broken Access Control vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
Ays Pro Survey Maker
|
CVE NVD | |
| CVE-2025-64275 |
WordPress Booking Manager plugin <= 2.1.17 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
wpdevelop Booking Manager
|
CVE NVD | |
| CVE-2025-64274 |
WordPress WPKoi Templates for Elementor plugin <= 3.4.4 - Broken Access Control vulnerability
|
MEDIUM | 4.3 | 2025-11-13 |
wpkoithemes WPKoi Templates for Elementor
|
CVE NVD | |
| CVE-2025-64271 |
WordPress WP Plugin Manager plugin <= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerability
|
MEDIUM | 6.5 | 2025-11-13 |
HasThemes WP Plugin Manager
|
CVE NVD | |
| CVE-2025-64269 |
WordPress WooCommerce PDF Invoice Builder plugin <= 1.2.150 - Broken Access Control vulnerability
|
MEDIUM | 4.3 | 2025-11-13 |
EDGARROJAS WooCommerce PDF Invoice Builder
|
CVE NVD | |
| CVE-2025-64267 |
WordPress WooCommerce Ultimate Points And Rewards plugin <= 2.10.2 - Sensitive Data Exposure vulnerability
|
MEDIUM | 4.3 | 2025-11-13 |
WPSwings WooCommerce Ultimate Points And Rewards
|
CVE NVD | |
| CVE-2025-64265 |
WordPress Frontend File Manager plugin <= 23.2 - Broken Access Control vulnerability
|
MEDIUM | 4.3 | 2025-11-13 |
N-Media Frontend File Manager
|
CVE NVD | |
| CVE-2025-64264 |
WordPress Popup addon for Ninja Forms plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 5.9 | 2025-11-13 |
Aman Popup addon for Ninja Forms
|
CVE NVD | |
| CVE-2025-64263 |
WordPress WP Content Pilot plugin <= 2.1.7 - Broken Access Control vulnerability
|
MEDIUM | 5.4 | 2025-11-13 |
PluginEver WP Content Pilot
|
CVE NVD |