精确匹配,速度快(10-50ms)
常用厂商: microsoft cisco google apple oracle
10-50ms
示例: microsoft sql_server cisco ios apache http_server
漏洞列表 352547
CVE ID 标题 严重程度 CVSS 发布时间 受影响产品 数据源 操作
CVE-2025-14476
Doubly <= 1.0.46 - Authenticated (Subscriber+) PHP Object Injection via ZIP File Import
HIGH 8.8 2025-12-13
unitecms Doubly – Cross Domain Copy Paste for WordPress
CVE NVD
CVE-2025-14475
Extensive VC Addons for WPBakery page builder <= 1.9.1 - Unauthenticated Local File Inclusion via 'shortcode_name' Parameter
HIGH 8.1 2025-12-13
nenad-obradovic Extensive VC Addons for WPBakery page builder
CVE NVD
CVE-2025-14462
Lucky Draw Contests <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update
MEDIUM 4.3 2025-12-13
owais4377 Lucky Draw Contests
CVE NVD
CVE-2025-11376
Colibri Page Builder <= 1.0.335 - Authenticated (Contributor+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-12-13
extendthemes Colibri Page Builder
CVE NVD
CVE-2025-13094
WP3D Model Import Viewer <= 1.0.7 - Authenticated (Contributor+) Arbitrary File Upload
HIGH 8.8 2025-12-13
wp3d WP3D Model Import Viewer
CVE NVD
CVE-2025-14447
AnnunciFunebri Impresa <= 4.7.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Options Deletion
MEDIUM 5.3 2025-12-13
pcantoni AnnunciFunebri Impresa
CVE NVD
CVE-2025-14397
Postem Ipsum <= 3.0.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation in postem_ipsum_generate_users
HIGH 8.8 2025-12-13
franciscopalacios Postem Ipsum
CVE NVD
CVE-2025-14540
Userback <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) Plugin's Configuration Exposure
MEDIUM 4.3 2025-12-13
userback Userback
CVE NVD
CVE-2025-14378
Quick Testimonials <= 2.1 - Authenticated (Admin+) Stored Cross-Site Scripting
MEDIUM 4.4 2025-12-13
themeregion Quick Testimonials
CVE NVD
CVE-2025-14366
Eyewear prescription form <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary WooCommerce Product Creation
MEDIUM 5.3 2025-12-13
dugudlabs Eyewear prescription form
CVE NVD
CVE-2025-9873
a3 Lazy Load <= 2.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-12-13
a3rev a3 Lazy Load
CVE NVD
CVE-2025-14395
Popover Windows <= 1.2 - Missing Authorization to Authenticated (Subscriber+) Popover Configuration Update via AJAX Actions
MEDIUM 4.3 2025-12-13
melodicmedia Popover Windows
CVE NVD
CVE-2025-11970
Emplibot – AI Content Writer with Keyword Research, Infographics, and Linking | SEO Optimized | Fully Automated <= 1.0.9 - Authenticated (Admin+) Server-Side Request Forgery
MEDIUM 4.4 2025-12-13
emplibot Emplibot – AI Content Writer with Keyword Research, Infographics, and Linking | SEO Optimized | Fully Automated
CVE NVD
CVE-2025-14454
Image Slider by Ays- Responsive Slider and Carousel <= 2.7.0 - Cross-Site Request Forgery to Arbitrary Slider Deletion
MEDIUM 4.3 2025-12-13
ays-pro Image Slider by Ays- Responsive Slider and Carousel
CVE NVD
CVE-2025-14050
Design Import/Export <= 2.2 - Authenticated (Administrator+) SQL Injection via XML File Import
MEDIUM 4.9 2025-12-13
uxl Design Import/Export – Styles, Templates, Template Parts and Patterns
CVE NVD
CVE-2025-13089
WP Directory Kit <= 1.4.7 - Unauthenticated SQL Injection
HIGH 7.5 2025-12-13
listingthemes WP Directory Kit
CVE NVD
CVE-2025-14278
HT Slider for Elementor <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-12-13
htplugins HT Slider For Elementor
CVE NVD
CVE-2025-14056
Custom Post Type UI <= 1.18.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'label' Import Parameter
MEDIUM 4.4 2025-12-13
webdevstudios Custom Post Type UI
CVE NVD
CVE-2025-12512
GenerateBlocks <= 2.1.2 - Authenticated (Contributor+) Information Exposure via Metadata
MEDIUM 4.3 2025-12-13
edge22 GenerateBlocks
CVE NVD
CVE-2025-14581
HAPPY – Helpdesk Support Ticket System <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Reply
MEDIUM 5.3 2025-12-13
villatheme HAPPY – Helpdesk Support Ticket System
CVE NVD