Vulnerability List 352547
CVE ID Title Severity CVSS Published Affected Products Data Sources Actions
CVE-2025-57883
Reflected cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.3.0, ...
MEDIUM 5.1 2025-12-12
Japan Total System Co.,Ltd. GroupSession Free edition Japan Total System Co.,Ltd. GroupSession byCloud +2 more
CVE NVD
CVE-2025-66284
Cross-site scripting vulnerability in multiple Japan Total System products
MEDIUM 4.8 2025-12-12
Japan Total System Co.,Ltd. GroupSession Free edition Japan Total System Co.,Ltd. GroupSession byCloud +1 more
CVE NVD +1
CVE-2025-53523
Stored cross-site scripting vulnerabilities exist in GroupSession Free edition prior to ver5.3.0, Gr...
MEDIUM 4.8 2025-12-12
Japan Total System Co.,Ltd. GroupSession Free edition Japan Total System Co.,Ltd. GroupSession byCloud +1 more
CVE NVD
CVE-2025-54407
Cross-site scripting vulnerability in multiple Japan Total System products
MEDIUM 5.1 2025-12-12
Japan Total System Co.,Ltd. GroupSession Free edition Japan Total System Co.,Ltd. GroupSession byCloud +1 more
CVE NVD +1
CVE-2025-66492
Masa CMS vulnerable to Cross-Site Scripting (XSS) through URL Parameter
HIGH 8.2 2025-12-12
MasaCMS MasaCMS MasaCMS MasaCMS +3 more
CVE NVD
CVE-2025-14138
WPLG Default Mail From <= 1.0.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
MEDIUM 6.1 2025-12-12
wpletsgo WPLG Default Mail From
CVE NVD
CVE-2025-13975
Contact Form 7 with ChatWork <= 1.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'api_token' and 'roomid' Settings
MEDIUM 4.4 2025-12-12
izuchy Contact Form 7 with ChatWork
CVE NVD
CVE-2025-13843
VigLink SpotLight By ShortCode <= 1.0.a - Authenticated (Contributor+) Stored Cross-Site Scripting via 'float' Shortcode Attribute
MEDIUM 6.4 2025-12-12
susantabeura VigLink SpotLight By ShortCode
CVE NVD
CVE-2025-14391
Simple Theme Changer <= 1.0 - Cross-Site Request Forgery to Arbitrary Theme Switcher Configuration Update
MEDIUM 4.3 2025-12-12
darendev Simple Theme Changer
CVE NVD
CVE-2025-13366
Rabbit Hole <= 1.1 - Cross-Site Request Forgery to Settings Reset
MEDIUM 4.3 2025-12-12
frapesce Rabbit Hole
CVE NVD
CVE-2025-13747
NewStatPress <= 1.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-12-12
ice00 NewStatPress
CVE NVD
CVE-2025-13850
LS Google Map Router <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-12
ladislavsoukupgmailcom LS Google Map Router
CVE NVD
CVE-2025-14137
Simple AL Slider <= 1.2.10 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
MEDIUM 6.1 2025-12-12
alexdtn Simple AL Slider
CVE NVD
CVE-2025-12650
Simple post listing <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
MEDIUM 6.4 2025-12-12
sgcoskey Simple post listing
CVE NVD
CVE-2025-12834
Accept Stripe Payments Using Contact Form 7 <= 3.1 - Reflected Cross-Site Scripting via failure_message
MEDIUM 6.1 2025-12-12
zealopensource Accept Stripe Payments Using Contact Form 7
CVE NVD
CVE-2025-13334
Blaze Demo Importer 1.0.0 - 1.0.13 - Missing Authorization to Authenticated (Subscriber+) Database Reset and File Deletion
HIGH 8.1 2025-12-12
blazethemes Blaze Demo Importer
CVE NVD
CVE-2025-12830
Better Elementor Addons <= 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Slider Widget
MEDIUM 6.4 2025-12-12
wpdive Better Addons for Elementor
CVE NVD
CVE-2025-14160
Upcoming for Calendly <= 1.2.4 - Cross-Site Request Forgery to Settings Update
MEDIUM 4.3 2025-12-12
justdave Upcoming for Calendly
CVE NVD
CVE-2025-13963
FX Currency Converter <= 0.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-12
falselight FX Currency Converter
CVE NVD
CVE-2025-13962
Divelogs Widget <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-12
klemmkeil Divelogs Widget
CVE NVD