快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 340282
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-4645 |
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code ...
|
MEDIUM | 6.7 | 2025-11-11 |
Axis Communications AB AXIS OS
|
CVE NVD | |
| CVE-2025-11855 |
Age Restriction <= 3.0.2 - Subscriber+ Privilege Escalation
|
MEDIUM | -1.0 | 2025-11-11 |
Unknown age-restriction
|
CVE NVD | |
| CVE-2025-11307 |
WP Google Maps < 9.0.48 - Unauthenticated Stored XSS
|
MEDIUM | -1.0 | 2025-11-11 |
Unknown WP Go Maps (formerly WP Google Maps)
|
CVE NVD | |
| CVE-2025-11237 |
Make Email Customizer for WooCommerce <= 1.0.6 - Subscriber+ Arbitrary Options Update
|
MEDIUM | -1.0 | 2025-11-11 |
Unknown Make Email Customizer for WooCommerce
|
CVE NVD | |
| CVE-2025-12667 |
GitHub Gist Shortcode Plugin <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
paul1999 GitHub Gist Shortcode Plugin
|
CVE NVD | |
| CVE-2025-12651 |
Live Photos on WordPress <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
eggemplo Live Photos on WordPress
|
CVE NVD | |
| CVE-2025-12019 |
Featured Image <= 2.1 - Authenticated (Admin+) Stored Cross-Site Scripting
|
MEDIUM | 4.4 | 2025-11-11 |
mervinpraison Featured Image
|
CVE NVD | |
| CVE-2025-11521 |
Astra Security Suite – Firewall & Malware Scan <= 0.2 - Unauthenticated Arbitrary File Upload
|
HIGH | 8.1 | 2025-11-11 |
astrasecuritysuite Astra Security Suite – Firewall & Malware Scan
|
CVE NVD | |
| CVE-2025-11999 |
Add Multiple Marker <= 1.2 - Missing Authorization to Unauthenticated Settings Update
|
MEDIUM | 5.3 | 2025-11-11 |
krishaweb Add Multiple Marker
|
CVE NVD | |
| CVE-2025-12662 |
Coon Google Maps <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
andrico Coon Google Maps
|
CVE NVD | |
| CVE-2025-11129 |
Include fussball.de Widgets <= 4.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'api' and 'type'
|
MEDIUM | 6.4 | 2025-11-11 |
mheob Include Fussball.de Widgets
|
CVE NVD | |
| CVE-2025-11986 |
Crypto Tool <= 2.22 - Unauthenticated Information Exposure via Global Authentication State
|
MEDIUM | 5.3 | 2025-11-11 |
odude Crypto Tool
|
CVE NVD | |
| CVE-2025-12126 |
The Total Book Project <= 1.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Book Manipulation
|
MEDIUM | 5.4 | 2025-11-11 |
ryanmoyer The Total Book Project
|
CVE NVD | |
| CVE-2025-12637 |
Elastic Theme Editor <= 0.0.3 - Authenticated (Subscriber+) Arbitrary File Upload
|
HIGH | 8.8 | 2025-11-11 |
koopersmith Elastic Theme Editor
|
CVE NVD | |
| CVE-2025-11882 |
Simple Donate <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
ethoseo Simple Donate
|
CVE NVD | |
| CVE-2025-12663 |
Jeba Cute forkit <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
jahed Jeba Cute forkit
|
CVE NVD | |
| CVE-2025-11860 |
Twitter Feed <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
caselock Twitter Feed
|
CVE NVD | |
| CVE-2025-11821 |
Woocommerce – Products By Custom Tax <= 2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
elvismdev Woocommerce – Products By Custom Tax
|
CVE NVD | |
| CVE-2025-12668 |
WP Count Down Timer <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
sitedin WP Count Down Timer
|
CVE NVD | |
| CVE-2025-12658 |
Preload Current Images <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
mmdeveloper Preload Current Images
|
CVE NVD |