精确匹配,速度快(10-50ms)
常用厂商: microsoft cisco google apple oracle
10-50ms
示例: microsoft sql_server cisco ios apache http_server
漏洞列表 354145
CVE ID 标题 严重程度 CVSS 发布时间 受影响产品 数据源 操作
CVE-2025-13838
WishSuite <= 1.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'button_text' Shortcode Attribute
MEDIUM 6.4 2025-12-21
htplugins WishSuite – Wishlist for WooCommerce
CVE NVD
CVE-2025-14071
Live Composer – Free WordPress Website Builder <= 2.0.2 - Authenticated (Contributor+) PHP Object Injection via dslc_module_posts_output Shortcode
HIGH 7.5 2025-12-21
livecomposer Live Composer – Free WordPress Website Builder
CVE NVD
CVE-2025-14080
Frontend Post Submission Manager Lite <= 1.2.5 - Missing Authorization to Unauthenticated Arbitrary Post Modification
MEDIUM 5.3 2025-12-21
wpshuffle Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin
CVE NVD
CVE-2025-11496
Five Star Restaurant Reservations – WordPress Booking Plugin <= 2.7.5 - Unauthenticated Stored Cross-Site Scripting
MEDIUM 6.1 2025-12-21
rustaurius Five Star Restaurant Reservations – WordPress Booking Plugin
CVE NVD
CVE-2023-47232
WordPress WP Affiliate Disclosure plugin <= 1.2.6 - Broken Access Control + CSRF vulnerability
MEDIUM 4.3 2025-12-21
mojofywp WP Affiliate Disclosure
CVE NVD
CVE-2023-25446
WordPress HappyFiles Pro plugin <= 1.8.1 - Broken Access Control vulnerability
HIGH 7.7 2025-12-21
HappyFiles HappyFiles Pro
CVE NVD
CVE-2023-25445
WordPress HappyFiles Pro plugin <= 1.8.1 - Broken Access Control vulnerability
MEDIUM 5.4 2025-12-21
HappyFiles HappyFiles Pro
CVE NVD
CVE-2023-25068
WordPress Magazine Edge theme <= 1.13 - Authenticated Arbitrary Plugin Activation
MEDIUM 4.3 2025-12-20
Mapro Collins Magazine Edge
CVE NVD
CVE-2025-14989
Campcodes Complete Online Beauty Parlor Management System search-invoices.php sql injection
MEDIUM 6.9 2025-12-20
Campcodes Complete Online Beauty Parlor Management System campcodes complete_online_beauty_parlor_management_system
CVE NVD
CVE-2025-34290
Versa SASE Client for Windows 安全漏洞
HIGH 8.5 2025-12-20
Versa Networks SASE Client for Windows
CVE NVD +1
CVE-2025-7782
WP JobHunt <= 7.7 - Missing Authorization to Authenticated (Candidate+) Stored Cross-Site Scripting via 'status'
HIGH 7.6 2025-12-20
未知
CVE NVD
CVE-2025-7733
WP JobHunt <= 7.7 - Authenticated (Candidate+) Insecure Direct Object Reference
MEDIUM 4.3 2025-12-20
未知
CVE NVD
CVE-2025-14298
FiboSearch – Ajax Search for WooCommerce <= 1.32.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via thegem_te_search Shortcode
MEDIUM 5.4 2025-12-20
damian-gora FiboSearch – Ajax Search for WooCommerce
CVE NVD
CVE-2025-12492
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.11.0 - Unauthenticated Sensitive Information Exposure
MEDIUM 5.3 2025-12-20
ultimatemember Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
CVE NVD
CVE-2025-13619
Flex Store Users <= 1.1.0 - Unauthenticated Privilege Escalation
CRITICAL 9.8 2025-12-20
CMSSuperHeroes Flex Store Users
CVE NVD
CVE-2025-12820
WordPress plugin Pure WC Variation Swatches 安全漏洞
MEDIUM 5.3 2025-12-20
Unknown Pure WC Variation Swatches
CVE NVD +1
CVE-2025-13365
WP Hallo Welt <= 1.4. - Cross-Site Request Forgery to Stored Cross-Site Scripting
MEDIUM 6.1 2025-12-20
tikolan WP Hallo Welt
CVE NVD
CVE-2025-12581
Attachments Handler <= 1.1.7 - Reflected Cross-Site Scripting
MEDIUM 6.1 2025-12-20
kaizencoders Attachments Handler
CVE NVD
CVE-2025-13329
File Uploader for WooCommerce <= 1.0.3 - Unauthenticated Arbitrary File Upload via add-image-data
CRITICAL 9.8 2025-12-20
snowray File Uploader for WooCommerce
CVE NVD
CVE-2025-14168
WP DB Booster <= 1.0.1 - Cross-Site Request Forgery to Database Cleanup
MEDIUM 4.3 2025-12-20
wpmaniax WP DB Booster
CVE NVD