精确匹配,速度快(10-50ms)
常用厂商: microsoft cisco google apple oracle
10-50ms
示例: microsoft sql_server cisco ios apache http_server
漏洞列表 355556
CVE ID 标题 严重程度 CVSS 发布时间 受影响产品 数据源 操作
CVE-2025-12634
Refund Request for WooCommerce <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Refund Status Update
MEDIUM 4.3 2025-11-25
sunarc Refund Request for WooCommerce
CVE NVD
CVE-2025-13370
ProjectList <= 0.3.0 - Authenticated (Editor+) SQL Injection via 'id' Parameter
MEDIUM 4.9 2025-11-25
ov3rkll ProjectList
CVE NVD
CVE-2025-13311
Just Highlight <= 1.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Highlight Color' Setting
MEDIUM 4.4 2025-11-25
sigalitam Just Highlight
CVE NVD
CVE-2025-12645
Inline frame – Iframe <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
MEDIUM 6.4 2025-11-25
karthiksg Inline frame – Iframe
CVE NVD
CVE-2025-13405
Ace Post Type Builder <= 1.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Custom Taxonomy Deletion via 'taxonomy' Parameter
MEDIUM 5.3 2025-11-25
buywptemplates Ace Post Type Builder
CVE NVD
CVE-2025-13380
AI Engine for WordPress: ChatGPT, GPT Content Generator <= 1.0.1 - Authenticated (Contributor+) Arbitrary File Read
MEDIUM 6.5 2025-11-25
liquidthemes AI Engine for WordPress: ChatGPT, GPT Content Generator
CVE NVD
CVE-2025-13382
Frontend File Manager Plugin <= 23.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming
MEDIUM 4.3 2025-11-25
nmedia Frontend File Manager Plugin
CVE NVD
CVE-2025-13404
atec Duplicate Page & Post <= 1.2.20 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication and Data Exposure
MEDIUM 5.3 2025-11-25
docjojo atec Duplicate Page & Post
CVE NVD
CVE-2025-12025
YouTube Subscribe <= 3.0.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Title and Channel ID
MEDIUM 4.4 2025-11-25
mahabubs YouTube Subscribe
CVE NVD
CVE-2025-13386
Social Images Widget <= 2.1 - Missing Authorization to Unauthenticated Arbitrary Plugin Settings Deletion
MEDIUM 5.3 2025-11-25
lyrathemes Social Images Widget
CVE NVD
CVE-2025-12525
Locker Content <= 1.0.0 - Unauthenticated Information Exposure
MEDIUM 5.3 2025-11-25
appglut Locker Content
CVE NVD
CVE-2025-13389
Admin and Customer Messages After Order for WooCommerce: OrderConvo <= 14 - Missing Authorization to Unauthenticated Information Disclosure
MEDIUM 5.3 2025-11-25
nmedia Admin and Customer Messages After Order for WooCommerce: OrderConvo
CVE NVD
CVE-2025-13376
ProjectList <= 0.3.0 - Authenticated (Editor+) Arbitrary File Upload
HIGH 7.2 2025-11-25
ov3rkll ProjectList
CVE NVD
CVE-2025-12040
Wishlist for WooCommerce <= 1.0.9 - Insecure Direct Object Reference to Unauthenticated Wishlist Manipulation
MEDIUM 6.5 2025-11-25
themehunk Wishlist for WooCommerce
CVE NVD
CVE-2025-12586
Conditional Maintenance Mode for WordPress <= 1.0.0 - Cross-Site Request Forgery
MEDIUM 4.3 2025-11-25
evolurise Conditionnal Maintenance Mode for WordPress
CVE NVD
CVE-2025-13452
Admin and Customer Messages After Order for WooCommerce: OrderConvo <= 14 - Missing Authorization to Unauthenticated User Impersonation in Order Messages
MEDIUM 4.3 2025-11-25
nmedia Admin and Customer Messages After Order for WooCommerce: OrderConvo
CVE NVD
CVE-2025-12032
ZWeb - Social Mobile <= 1.0.0 - Authenticated (Admin+) Stored Cross-Site Scripting
MEDIUM 4.4 2025-11-25
vithanhlam Zweb Social Mobile – Ứng Dụng Nút Gọi Mobile
CVE NVD
CVE-2025-13383
Job Board by BestWebSoft <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via $_GET Array Storage
MEDIUM 6.1 2025-11-25
bestweblayout Job Board by BestWebSoft
CVE NVD
CVE-2025-13414
Chamber Dashboard Business Directory <= 3.3.11 - Missing Authorization to Unauthenticated Business Information Export
MEDIUM 5.3 2025-11-25
gwendydd Chamber Dashboard Business Directory
CVE NVD
CVE-2025-12043
Autochat Automatic Conversation <= 1.1.9 - Missing Authorization to Unauthenticated Settings Update
MEDIUM 5.3 2025-11-25
autochat Autochat Automatic Conversation
CVE NVD