Vulnerability List 352348
| CVE ID | Title | Severity | CVSS | Published | Affected Product | Data Sources |
|---|---|---|---|---|---|---|
| CVE-2026-1127 | Timeline Event History <= 3.2 - Reflected Cross-Site Scripting | MEDIUM | 6.1 | 2026-01-24 | wpdiscover Timeline Event History | CVE, NVD |
| CVE-2025-13194 | SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 1.12.20 - Cross-Site Request Forgery to Survey Renaming | MEDIUM | 4.3 | 2026-01-24 | devsoftbaltic SurveyJS: Drag & Drop Form Builder | CVE, NVD |
| CVE-2026-1191 | JavaScript Notifier <= 1.2.8 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings | MEDIUM | 4.4 | 2026-01-24 | freemp JavaScript Notifier | CVE, NVD |
| CVE-2026-1208 | Friendly Functions for Welcart <= 1.2.5 - Cross-Site Request Forgery to Settings Update | MEDIUM | 4.3 | 2026-01-24 | mainichiweb Friendly Functions for Welcart | CVE, NVD |
| CVE-2026-1189 | LeadBI Plugin for WordPress <= 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'form_id' Shortcode Attribute | MEDIUM | 6.4 | 2026-01-24 | leadbi LeadBI Plugin for WordPress | CVE, NVD |
| CVE-2026-1300 | Responsive Header Plugin <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Settings Parameters | MEDIUM | 4.4 | 2026-01-24 | mehtevas Responsive Header Plugin | CVE, NVD |
| CVE-2025-13139 | SurveyJS: Drag & Drop WordPress Form Builder <= 1.12.20 - Cross-Site Request Forgery to Survey Creation | MEDIUM | 4.3 | 2026-01-24 | devsoftbaltic SurveyJS: Drag & Drop Form Builder | CVE, NVD |
| CVE-2026-1098 | CM CSS Columns <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'tag' Shortcode Attribute | MEDIUM | 6.4 | 2026-01-24 | codemacher CM CSS Columns | CVE, NVD |
| CVE-2026-0633 | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 4.1.0 - Unauthenticated Form Submission Exposure via Forgeable Cookie Value | LOW | 3.7 | 2026-01-24 | roxnor MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | CVE, NVD |
| CVE-2026-1302 | Meta-box GalleryMeta <= 3.0.1 - Authenticated (Editor+) Stored Cross-Site Scripting via Image Caption | MEDIUM | 4.4 | 2026-01-24 | shahinurislam Meta-box GalleryMeta | CVE, NVD |
| CVE-2025-14630 | AdminQuickbar <= 1.9.3 - Cross-Site Request Forgery to Settings Update | MEDIUM | 4.3 | 2026-01-24 | rtowebsites AdminQuickbar | CVE, NVD |
| CVE-2026-0687 | Meta-box GalleryMeta <= 3.0.1 - Missing Authorization to Authenticated (Author+) Gallery Management | MEDIUM | 4.3 | 2026-01-24 | shahinurislam Meta-box GalleryMeta | CVE, NVD |
| CVE-2026-1266 | Postalicious <= 3.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings | MEDIUM | 4.4 | 2026-01-24 | neop Postalicious | CVE, NVD |
| CVE-2025-14907 | Moderate Selected Posts <= 1.4 - Cross-Site Request Forgery to Plugin Settings Update | MEDIUM | 4.3 | 2026-01-24 | hallsofmontezuma Moderate Selected Posts | CVE, NVD |
| CVE-2025-15516 | All-in-One Video Gallery 4.1.0 - 4.6.4 - Missing Authorization to Authenticated (Subscriber+) Limited User Meta Update | MEDIUM | 4.3 | 2026-01-24 | plugins360 All-in-One Video Gallery | CVE, NVD |
| CVE-2026-0800 | User Submitted Posts – Enable Users to Submit Posts from the Front End <= 20251210 - Unauthenticated Stored Cross-Site Scripting via Custom Field | HIGH | 7.2 | 2026-01-24 | specialk User Submitted Posts – Enable Users to Submit Posts from the Front End | CVE, NVD |
| CVE-2026-1088 | Login Page Editor <= 1.2 - Cross-Site Request Forgery to Settings Update | MEDIUM | 4.3 | 2026-01-24 | zero1zerouk Login Page Editor | CVE, NVD |
| CVE-2025-13676 | JustClick registration plugin <= 0.1 - Reflected Cross-Site Scripting via PHP_SELF | MEDIUM | 6.1 | 2026-01-24 | ostin654 JustClick registration plugin | CVE, NVD |
| CVE-2026-1099 | Administrative Shortcodes <= 0.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'login' and 'logout' Shortcode Attributes | MEDIUM | 6.4 | 2026-01-24 | shazdeh Administrative Shortcodes | CVE, NVD |
| CVE-2025-14609 | Wise Analytics <= 1.1.9 - Missing Authorization to Unauthenticated Arbitrary Analytics Database Disclosure via 'name' Parameter | MEDIUM | 5.3 | 2026-01-24 | marcinlawrowski Wise Analytics | CVE, NVD |