快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 354299
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-12021 |
WP-OAuth <= 0.4.1 - Reflected Cross-Site Scripting
|
MEDIUM | 6.1 | 2025-11-11 |
hectavex WP-OAuth
|
CVE NVD | |
| CVE-2025-12588 |
USB Qr Code Scanner For Woocommerce <= 1.0.0 - Cross-Site Request Forgery to Settings Update
|
MEDIUM | 4.3 | 2025-11-11 |
behzadrohizadeh USB Qr Code Scanner For Woocommerce
|
CVE NVD | |
| CVE-2025-12020 |
Double the Donation <= 2.0.0 - Authenticated (Admin+) Stored Cross-Site Scripting
|
MEDIUM | 4.9 | 2025-11-11 |
kanwei_doublethedonation Double the Donation – A workplace giving tool
|
CVE NVD | |
| CVE-2025-12132 |
WP Custom Admin Login Page Logo <= 1.4.8.4 - Cross-Site Request Forgery to Settings Update
|
MEDIUM | 4.3 | 2025-11-11 |
larsactionhero WP Custom Admin Login Page Logo
|
CVE NVD | |
| CVE-2025-12589 |
WP-Walla <= 0.5.3.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting
|
MEDIUM | 6.1 | 2025-11-11 |
baronen WP-Walla
|
CVE NVD | |
| CVE-2025-12672 |
Flickr Show <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
nuvuscripts Flickr Show
|
CVE NVD | |
| CVE-2025-11997 |
Document Pro Elementor – Documentation & Knowledge Base <= 1.0.9 - Unauthenticated Information Exposure
|
MEDIUM | 5.3 | 2025-11-11 |
ngothoai Document Pro Elementor – Documentation & Knowledge Base
|
CVE NVD | |
| CVE-2025-11451 |
Auto Amazon Links – Amazon Associates Affiliate Plugin <= 5.4.3 - Unauthenticated Arbitrary File Read
|
HIGH | 7.5 | 2025-11-11 |
miunosoft Auto Amazon Links – Amazon Associates Affiliate Plugin
|
CVE NVD | |
| CVE-2025-12010 |
Authors List <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in Plugin's Shortcode
|
MEDIUM | 6.5 | 2025-11-11 |
wpkube Authors List
|
CVE NVD | |
| CVE-2025-12754 |
Geopost <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
rampantlogic Geopost
|
CVE NVD | |
| CVE-2025-11805 |
Skip to Timestamp <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
doytch Skip to Timestamp
|
CVE NVD | |
| CVE-2025-12644 |
Nonaki – Drag and Drop Email Template builder and Newsletter plugin for WordPress <= 1.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Fields
|
MEDIUM | 6.4 | 2025-11-11 |
wpcox Nonaki – Drag and Drop Email Template builder and Newsletter plugin for WordPress
|
CVE NVD | |
| CVE-2025-11886 |
CTL Arcade Lite <= 1.0 - Cross-Site Request Forgery to Plugin Activation and Deactivation
|
MEDIUM | 4.3 | 2025-11-11 |
codethislab CTL Arcade Lite
|
CVE NVD | |
| CVE-2025-12632 |
RandomQuotr <= 1.0.4 - Authenticated (Admin+) Stored Cross-Site Scripting
|
MEDIUM | 5.5 | 2025-11-11 |
loveless RandomQuotr
|
CVE NVD | |
| CVE-2025-12538 |
Fleet Manager <= 2.5.1 - Authenticated (Editor+) Stored Cross-Site Scripting
|
MEDIUM | 4.4 | 2025-11-11 |
iworks Fleet Manager
|
CVE NVD | |
| CVE-2025-12880 |
Progress Bar Blocks for Gutenberg <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG
|
MEDIUM | 5.4 | 2025-11-11 |
jobayer534 Progress Bar Blocks for Gutenberg
|
CVE NVD | |
| CVE-2025-11996 |
Find Unused Images <= 1.0.7 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion
|
MEDIUM | 5.3 | 2025-11-11 |
toastwebsites Find Unused Images
toastwebsites find_unused_images
|
CVE NVD | |
| CVE-2025-11863 |
My Geo Posts Free <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
mindstien My Geo Posts Free
|
CVE NVD | |
| CVE-2025-11988 |
Crypto Tool <= 2.22 - Missing Authentication to Unauthenticated Limited File Deletion
|
MEDIUM | 5.3 | 2025-11-11 |
odude Crypto Tool
|
CVE NVD | |
| CVE-2025-11829 |
Five9 Live Chat <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
five9 Five9 Live Chat
|
CVE NVD |