快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352547
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-8195 |
JetWidgets For Elementor <= 1.0.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison and Subscribe Widgets
|
MEDIUM | 6.4 | 2025-12-13 |
jetmonsters JetWidgets For Elementor
|
CVE NVD | |
| CVE-2025-0969 |
Brizy – Page Builder <= 2.7.16 - Authenticated (Contributor+) Sensitive Information Exposure via get_users Function
|
MEDIUM | 6.5 | 2025-12-13 |
themefusecom Brizy – Page Builder
|
CVE NVD | |
| CVE-2025-7960 |
King Addons for Elementor <= 51.1.39 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
|
MEDIUM | 6.4 | 2025-12-13 |
kingaddons King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor
|
CVE NVD | |
| CVE-2025-36747 |
Growatt ShineLan-X 安全漏洞
|
CRITICAL | 9.4 | 2025-12-13 |
Growatt ShineLan-X
growatt shine_lan-x_firmware
|
CVE NVD +1 | |
| CVE-2025-36752 |
Growatt ShineLan-X 安全漏洞
|
CRITICAL | 9.4 | 2025-12-13 |
Growatt ShineLan-X
growatt shine_lan-x_firmware
|
CVE NVD +1 | |
| CVE-2025-36754 |
Growatt ShineLan-X 安全漏洞
|
CRITICAL | 9.3 | 2025-12-13 |
Growatt ShineLan-X
|
CVE NVD +1 | |
| CVE-2025-36748 |
Growatt ShineLan-X 安全漏洞
|
HIGH | 8.4 | 2025-12-13 |
Growatt ShineLan-X
growatt shine_lan-x_firmware
|
CVE NVD +1 | |
| CVE-2025-36750 |
Growatt ShineLan-X 安全漏洞
|
HIGH | 8.5 | 2025-12-13 |
Growatt ShineLan-X
growatt shine_lan-x_firmware
|
CVE NVD +1 | |
| CVE-2025-36753 |
Growatt ShineLan-X 安全漏洞
|
HIGH | 8.6 | 2025-12-13 |
Growatt ShineLan-X
growatt shine_lan-x_firmware
|
CVE NVD +1 | |
| CVE-2025-36751 |
Growatt ShineLan-X 安全漏洞
|
CRITICAL | 9.4 | 2025-12-13 |
Growatt ShineLan-X
|
CVE NVD +1 | |
| CVE-2025-10289 |
Filter & Grids <= 3.2.0 - Unauthenticated SQL Injection
|
MEDIUM | 5.9 | 2025-12-13 |
wssoffice21 Filter & Grids
|
CVE NVD | |
| CVE-2025-8779 |
All-in-One Addons for Elementor – WidgetKit <= 2.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team and Countdown Widgets
|
MEDIUM | 6.4 | 2025-12-13 |
shamsbd71 All-in-One Addons for Elementor – WidgetKit
|
CVE NVD | |
| CVE-2025-9207 |
TI WooCommerce Wishlist <= 2.10.0 - Unauthenticated HTML Injection
|
MEDIUM | 5.3 | 2025-12-13 |
templateinvaders TI WooCommerce Wishlist
|
CVE NVD | |
| CVE-2025-10738 |
URL Shortener Plugin For WordPress <= 3.0.7 - Unauthenticated SQL Injection
|
CRITICAL | 9.8 | 2025-12-13 |
rupok98 URL Shortener Plugin For WordPress
|
CVE NVD | |
| CVE-2025-14586 |
TOTOLINK X5000R cstecgi.cgi snprintf os command injection
|
MEDIUM | 5.3 | 2025-12-13 |
TOTOLINK X5000R
totolink x5000r_firmware
|
CVE NVD | |
| CVE-2025-9116 |
WordPress plugin WPS Visitor Counter Plugin 安全漏洞
|
MEDIUM | 5.8 | 2025-12-13 |
Unknown WPS Visitor Counter Plugin
|
CVE NVD +1 | |
| CVE-2025-12362 |
myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program <= 2.9.7 - Missing Authorization to Unauthenticated Withdrawal Request Approval
|
MEDIUM | 5.3 | 2025-12-13 |
saadiqbal myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program.
|
CVE NVD | |
| CVE-2025-14446 |
Popup Builder <= 1.1.37 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Reset
|
MEDIUM | 6.5 | 2025-12-13 |
ghozylab Popup Builder
|
CVE NVD | |
| CVE-2025-11693 |
Export WP Page to Static HTML & PDF <= 4.3.4 - Unauthenticated Cookie Exposure via Log File
|
CRITICAL | 9.8 | 2025-12-13 |
recorp Export WP Pages to HTML & PDF – Simply Create a Static Website
|
CVE NVD | |
| CVE-2025-9488 |
Redux Framework <= 4.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter
|
MEDIUM | 6.4 | 2025-12-13 |
davidanderson Redux Framework
|
CVE NVD |