快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 356770
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-12754 |
Geopost <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
rampantlogic Geopost
|
CVE NVD | |
| CVE-2025-11805 |
Skip to Timestamp <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
doytch Skip to Timestamp
|
CVE NVD | |
| CVE-2025-12644 |
Nonaki – Drag and Drop Email Template builder and Newsletter plugin for WordPress <= 1.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Fields
|
MEDIUM | 6.4 | 2025-11-11 |
wpcox Nonaki – Drag and Drop Email Template builder and Newsletter plugin for WordPress
|
CVE NVD | |
| CVE-2025-11886 |
CTL Arcade Lite <= 1.0 - Cross-Site Request Forgery to Plugin Activation and Deactivation
|
MEDIUM | 4.3 | 2025-11-11 |
codethislab CTL Arcade Lite
|
CVE NVD | |
| CVE-2025-12632 |
RandomQuotr <= 1.0.4 - Authenticated (Admin+) Stored Cross-Site Scripting
|
MEDIUM | 5.5 | 2025-11-11 |
loveless RandomQuotr
|
CVE NVD | |
| CVE-2025-12538 |
Fleet Manager <= 2.5.1 - Authenticated (Editor+) Stored Cross-Site Scripting
|
MEDIUM | 4.4 | 2025-11-11 |
iworks Fleet Manager
|
CVE NVD | |
| CVE-2025-12880 |
Progress Bar Blocks for Gutenberg <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG
|
MEDIUM | 5.4 | 2025-11-11 |
jobayer534 Progress Bar Blocks for Gutenberg
|
CVE NVD | |
| CVE-2025-11996 |
Find Unused Images <= 1.0.7 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion
|
MEDIUM | 5.3 | 2025-11-11 |
toastwebsites Find Unused Images
toastwebsites find_unused_images
|
CVE NVD | |
| CVE-2025-11863 |
My Geo Posts Free <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
mindstien My Geo Posts Free
|
CVE NVD | |
| CVE-2025-11988 |
Crypto Tool <= 2.22 - Missing Authentication to Unauthenticated Limited File Deletion
|
MEDIUM | 5.3 | 2025-11-11 |
odude Crypto Tool
|
CVE NVD | |
| CVE-2025-11829 |
Five9 Live Chat <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
five9 Five9 Live Chat
|
CVE NVD | |
| CVE-2025-12652 |
Ungapped Widgets <= 1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
oscaruribe Ungapped Widgets
|
CVE NVD | |
| CVE-2025-11168 |
Mementor Core <= 2.2.5 - Authenticated (Subscriber+) Privilege Escalation
|
HIGH | 8.8 | 2025-11-11 |
mvirik Mementor Core
|
CVE NVD | |
| CVE-2025-11873 |
WP BBCode <= 1.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
eflyjason WP BBCode
|
CVE NVD | |
| CVE-2025-11874 |
Slippy Slider – Responsive Touch Navigation Slider <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 5.4 | 2025-11-11 |
mitegvg Slippy Slider – Responsive Touch Navigation Slider
|
CVE NVD | |
| CVE-2025-11891 |
Shelf Planner <= 2.7.0 - Unauthenticated Information Exposure via Log Files
|
MEDIUM | 5.3 | 2025-11-11 |
shelfplanner Shelf Planner
|
CVE NVD | |
| CVE-2025-11822 |
WP Bootstrap Tabs <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
virtus-designs WP Bootstrap Tabs
|
CVE NVD | |
| CVE-2025-11894 |
Shelf Planner <= 2.7.0 - Missing Authorization to Unauthenticated Settings Update
|
MEDIUM | 5.3 | 2025-11-11 |
shelfplanner Shelf Planner
|
CVE NVD | |
| CVE-2025-31719 |
In TEE EcDSA algorithm, there is a possible memory consistency issue. This could lead to generated i...
|
MEDIUM | 5.1 | 2025-11-11 |
Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T750/T765/T760/T770/T820/S8000/T8300/T9300
|
CVE NVD | |
| CVE-2025-42940 |
Memory Corruption vulnerability in SAP CommonCryptoLib
|
HIGH | 7.5 | 2025-11-11 |
SAP_SE SAP CommonCryptoLib
|
CVE NVD |