Vulnerability list 355986
CVE ID Title Severity CVSS Published Affected products Data source Actions
CVE-2025-64275
WordPress Booking Manager plugin <= 2.1.17 - Cross Site Scripting (XSS) vulnerability
MEDIUM 6.5 2025-11-13
wpdevelop Booking Manager
CVE NVD
CVE-2025-64274
WordPress WPKoi Templates for Elementor plugin <= 3.4.4 - Broken Access Control vulnerability
MEDIUM 4.3 2025-11-13
wpkoithemes WPKoi Templates for Elementor
CVE NVD
CVE-2025-64271
WordPress WP Plugin Manager plugin <= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerability
MEDIUM 6.5 2025-11-13
HasThemes WP Plugin Manager hasthemes wp_plugin_manager
CVE NVD
CVE-2025-64269
WordPress WooCommerce PDF Invoice Builder plugin <= 1.2.150 - Broken Access Control vulnerability
MEDIUM 4.3 2025-11-13
EDGARROJAS WooCommerce PDF Invoice Builder
CVE NVD
CVE-2025-64267
WordPress WooCommerce Ultimate Points And Rewards plugin <= 2.10.2 - Sensitive Data Exposure vulnerability
MEDIUM 4.3 2025-11-13
WPSwings WooCommerce Ultimate Points And Rewards
CVE NVD
CVE-2025-64265
WordPress Frontend File Manager plugin <= 23.2 - Broken Access Control vulnerability
MEDIUM 4.3 2025-11-13
N-Media Frontend File Manager
CVE NVD
CVE-2025-64264
WordPress Popup addon for Ninja Forms plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability
MEDIUM 5.9 2025-11-13
Aman Popup addon for Ninja Forms
CVE NVD
CVE-2025-64263
WordPress WP Content Pilot plugin <= 2.1.7 - Broken Access Control vulnerability
MEDIUM 5.4 2025-11-13
PluginEver WP Content Pilot
CVE NVD
CVE-2025-64262
WordPress Auto Prune Posts plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability
MEDIUM 6.5 2025-11-13
ramon fincken Auto Prune Posts
CVE NVD
CVE-2025-64261
WordPress Appointment Booking Calendar plugin <= 1.3.95 - Broken Access Control vulnerability
MEDIUM 6.5 2025-11-13
codepeople Appointment Booking Calendar
CVE NVD
CVE-2025-64259
WordPress Theater for WordPress plugin <= 0.18.8 - Broken Access Control vulnerability
MEDIUM 6.5 2025-11-13
Jeroen Schmit Theater for WordPress
CVE NVD
CVE-2025-7704
Supermicro BMC SMASH services has a Stack-based buffer overflow vulnerability
MEDIUM 5.4 2025-11-13
SMCI SYS-111C-NR
CVE NVD
CVE-2025-11769
WordPress Content Flipper <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-11-13
aumsrini WordPress Content Flipper
CVE NVD
CVE-2025-11260
WP Headless CMS Framework <= 1.15 - Unauthenticated Protection Mechanism Bypass
MEDIUM 5.3 2025-11-13
benmoody WP Headless CMS Framework
CVE NVD
CVE-2025-10295
Angel – Fashion Model Agency WordPress CMS Theme <= 3.2.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-11-13
kayapati Angel – Fashion Model Agency WordPress CMS Theme
CVE NVD
CVE-2025-8397
Save as PDF Button <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via restpackpdfbutton Shortcode
MEDIUM 6.4 2025-11-13
restpack Save as PDF Button
CVE NVD
CVE-2025-12015
Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed <= 2.0.0 - Missing Authorization to Authenticated (Subscriber+) Afosto Disconnect
MEDIUM 4.3 2025-11-13
sanderkah Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed
CVE NVD
CVE-2025-12844
AI Engine <= 3.1.8 - Authenticated (Subscriber+) PHP Object Injection via PHAR Deserialization
HIGH 7.1 2025-11-13
tigroumeow AI Engine
CVE NVD
CVE-2025-12681
Comment Edit Core – Simple Comment Editing <= 3.1.0 - Unauthenticated Sensitive Information Exposure
MEDIUM 5.3 2025-11-13
ronalfy Comment Edit Core – Simple Comment Editing
CVE NVD
CVE-2025-12620
Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 6.0.7 - Authenticated (Administrator+) SQL Injection via `filterbyauthor` Parameter
MEDIUM 4.9 2025-11-13
ays-pro Poll Maker – Versus Polls, Anonymous Polls, Image Polls
CVE NVD