快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 356851
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-11986 |
Crypto Tool <= 2.22 - Unauthenticated Information Exposure via Global Authentication State
|
MEDIUM | 5.3 | 2025-11-11 |
odude Crypto Tool
|
CVE NVD | |
| CVE-2025-12126 |
The Total Book Project <= 1.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Book Manipulation
|
MEDIUM | 5.4 | 2025-11-11 |
ryanmoyer The Total Book Project
|
CVE NVD | |
| CVE-2025-12637 |
Elastic Theme Editor <= 0.0.3 - Authenticated (Subscriber+) Arbitrary File Upload
|
HIGH | 8.8 | 2025-11-11 |
koopersmith Elastic Theme Editor
|
CVE NVD | |
| CVE-2025-11882 |
Simple Donate <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
ethoseo Simple Donate
|
CVE NVD | |
| CVE-2025-12663 |
Jeba Cute forkit <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
jahed Jeba Cute forkit
|
CVE NVD | |
| CVE-2025-11860 |
Twitter Feed <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
caselock Twitter Feed
|
CVE NVD | |
| CVE-2025-11821 |
Woocommerce – Products By Custom Tax <= 2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
elvismdev Woocommerce – Products By Custom Tax
|
CVE NVD | |
| CVE-2025-12668 |
WP Count Down Timer <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
sitedin WP Count Down Timer
|
CVE NVD | |
| CVE-2025-12658 |
Preload Current Images <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
mmdeveloper Preload Current Images
|
CVE NVD | |
| CVE-2025-11859 |
Paypal Donation Shortcode <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
coenjacobs Paypal Donation Shortcode
|
CVE NVD | |
| CVE-2025-11532 |
Wisly <= 1.0.0 - Insecure Direct Object Reference to Unauthenticated Wishlist Manipulation
|
MEDIUM | 5.3 | 2025-11-11 |
softivus Wisly
|
CVE NVD | |
| CVE-2025-12631 |
Squirrels Auto Inventory <= 1.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting
|
MEDIUM | 4.4 | 2025-11-11 |
spokanetony Squirrels Auto Inventory
|
CVE NVD | |
| CVE-2025-12665 |
Ninja Countdown <= 1.5.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Countdown Deletion
|
MEDIUM | 4.3 | 2025-11-11 |
lovelightplugins Ninja Countdown | Fastest Countdown Builder
|
CVE NVD | |
| CVE-2025-12671 |
WP-Iconics <= 0.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
mrx3k1 WP-Iconics
|
CVE NVD | |
| CVE-2025-11869 |
Precise Columns <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
simonpedge Precise Columns
|
CVE NVD | |
| CVE-2025-12526 |
Private Google Calendars <= 20250811 - Missing Authorization to Authenticated (Subscriber+) Settings Reset
|
MEDIUM | 4.3 | 2025-11-11 |
michielve Private Google Calendars
|
CVE NVD | |
| CVE-2025-11828 |
Magazine Companion <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
|
MEDIUM | 6.4 | 2025-11-11 |
pubudu-malalasekara Magazine Companion
|
CVE NVD | |
| CVE-2025-12753 |
Chart Expert <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
sagortouch Chart Expert
|
CVE NVD | |
| CVE-2025-11170 |
WP移行専用プラグイン for CPI <= 1.0.2 - Unauthenticated Arbitrary File Upload
|
CRITICAL | 9.8 | 2025-11-11 |
kddiwebcommunications WP移行専用プラグイン for CPI
|
CVE NVD | |
| CVE-2025-12711 |
Share to Google Classroom <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via share_to_google Shortcode
|
MEDIUM | 6.4 | 2025-11-11 |
pritenhshah Share to Google Classroom
|
CVE NVD |