精确匹配,速度快(10-50ms)
常用厂商: microsoft cisco google apple oracle
10-50ms
示例: microsoft sql_server cisco ios apache http_server
漏洞列表 354145
CVE ID 标题 严重程度 CVSS 发布时间 受影响产品 数据源 操作
CVE-2025-62926
WordPress TempTool plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability
MEDIUM 6.5 2025-12-21
HappyDevs TempTool
CVE NVD
CVE-2025-62955
WordPress TempTool plugin <= 1.3.1 - Sensitive Data Exposure vulnerability
MEDIUM 4.3 2025-12-21
HappyDevs TempTool
CVE NVD
CVE-2025-14995
Tenda FH1201 SetIpBind sprintf stack-based overflow
HIGH 8.7 2025-12-21
Tenda FH1201 tenda fh1201_firmware
CVE NVD
CVE-2025-14994
Tenda FH1201/FH1206 HTTP Request webtypelibrary strcat stack-based overflow
HIGH 8.7 2025-12-21
Tenda FH1201 Tenda FH1201 +4个
CVE NVD
CVE-2025-14800
Redirection for Contact Form 7 <= 3.2.7 - Unauthenticated Arbitrary File Copy via move_file_to_upload
HIGH 8.1 2025-12-21
themeisle Redirection for Contact Form 7
CVE NVD
CVE-2025-14855
SureForms <= 2.2.0 - Unauthenticated Stored Cross-Site Scripting
HIGH 7.2 2025-12-21
brainstormforce SureForms – Contact Form, Payment Form & Other Custom Form Builder
CVE NVD
CVE-2025-14993
Tenda AC18 HTTP Request SetDlnaCfg sprintf stack-based overflow
HIGH 8.7 2025-12-21
Tenda AC18 tenda ac18_firmware
CVE NVD
CVE-2025-14992
Tenda AC18 HTTP Request GetParentControlInfo strcpy stack-based overflow
HIGH 8.7 2025-12-21
Tenda AC18 tenda ac18_firmware
CVE NVD
CVE-2025-14991
Campcodes Complete Online Beauty Parlor Management System bwdates-reports-details.php cross site scripting
MEDIUM 4.8 2025-12-21
Campcodes Complete Online Beauty Parlor Management System campcodes complete_online_beauty_parlor_management_system
CVE NVD
CVE-2025-13361
Web to SugarCRM Lead <= 1.0.0 - Cross-Site Request Forgery to Custom Field Deletion
MEDIUM 4.3 2025-12-21
dipesh_patel Web to SugarCRM Lead
CVE NVD
CVE-2025-13220
Ultimate Member <= 2.11.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-21
ultimatemember Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
CVE NVD
CVE-2025-12654
Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.120 - Authenticated (Admin+) Arbitrary Directory Creation
LOW 2.7 2025-12-21
wpvividplugins Migration, Backup, Staging – WPvivid Backup & Migration
CVE NVD
CVE-2025-13693
Image Photo Gallery Final Tiles Grid <= 3.6.8 - Authenticated (Author+) Stored Cross-Site Scripting via 'Custom Scripts' Setting
MEDIUM 6.4 2025-12-21
wpchill Image Photo Gallery Final Tiles Grid
CVE NVD
CVE-2025-12398
Product Table for WooCommerce <= 5.0.8 - Reflected Cross-Site Scripting
MEDIUM 6.1 2025-12-21
codersaiful Product Table for WooCommerce
CVE NVD
CVE-2025-9343
ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.4 - Unauthenticated Stored Cross-Site Scripting
HIGH 7.2 2025-12-21
elextensions ELEX WordPress HelpDesk & Customer Ticketing System
CVE NVD
CVE-2025-14990
Campcodes Complete Online Beauty Parlor Management System view-appointment.php sql injection
MEDIUM 6.9 2025-12-21
Campcodes Complete Online Beauty Parlor Management System campcodes complete_online_beauty_parlor_management_system
CVE NVD
CVE-2025-68644
Yealink RPS before 2025-06-27 allows unauthorized access to information, including AutoP URL address...
HIGH 7.4 2025-12-21
Yealink RPS
CVE NVD
CVE-2025-12980
Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.3 - Missing Authorization to Unauthenticated Sensitive Information Exposure
HIGH 7.5 2025-12-21
wpxpo Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX
CVE NVD
CVE-2025-14043
Tainacan <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Metadata Section Creation
MEDIUM 5.3 2025-12-21
tainacan Tainacan
CVE NVD
CVE-2025-14054
WC Builder <= 1.2.0 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'heading_color' Shortcode Attribute
MEDIUM 4.4 2025-12-21
hasthemes WC Builder – WooCommerce Page Builder for WPBakery
CVE NVD