精确匹配,速度快(10-50ms)
常用厂商: microsoft cisco google apple oracle
10-50ms
示例: microsoft sql_server cisco ios apache http_server
漏洞列表 352547
CVE ID 标题 严重程度 CVSS 发布时间 受影响产品 数据源 操作
CVE-2025-14161
Truefy Embed <= 1.1.0 - Cross-Site Request Forgery to 'truefy_embed_options_update' Settings Update
MEDIUM 4.3 2025-12-12
truefy Truefy Embed
CVE NVD
CVE-2025-14354
Resource Library for Logged In Users <= 1.4 - Cross-Site Request Forgery to Multiple Administrative Actions
MEDIUM 4.3 2025-12-12
doubledome Resource Library for Logged In Users
CVE NVD
CVE-2025-14165
Kirim.Email WooCommerce Integration <= 1.2.9 - Cross-Site Request Forgery to Settings Update
MEDIUM 4.3 2025-12-12
developerke Kirim.Email WooCommerce Integration
CVE NVD
CVE-2025-13846
Easy Map Creator <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-12
qrevo Easy Map Creator
CVE NVD
CVE-2025-13363
IMAQ Core <= 1.2.1 - Cross-Site Request Forgery to URL Structure Update
MEDIUM 4.3 2025-12-12
imaqpress IMAQ CORE
CVE NVD
CVE-2025-12783
Premmerce Brands for WooCommerce <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings Update
MEDIUM 4.3 2025-12-12
premmerce Premmerce Brands for WooCommerce
CVE NVD
CVE-2025-14044
Visitor Logic Lite <= 1.0.3 - Unauthenticated PHP Object Injection via 'lpblocks' Cookie
HIGH 8.1 2025-12-12
rodgerholl Visitor Logic Lite
CVE NVD
CVE-2025-14166
WPMasterToolKit (WPMTK) <= 2.13.0 - Authenticated (Contributor+) Code Injection
MEDIUM 5.3 2025-12-12
ludwigyou WPMasterToolKit (WPMTK) – All in one plugin
CVE NVD
CVE-2025-14119
App Landing Template Blocks for WPBakery Page Builder <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-12
themebon App Landing Template Blocks for WPBakery (Visual Composer) Page Builder
CVE NVD
CVE-2025-14158
Coding Blocks <= 1.1.0 - Cross-Site Request Forgery to Settings Update
MEDIUM 4.3 2025-12-12
octagonsimon Coding Blocks
CVE NVD
CVE-2025-13904
WPGancio <= 1.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-12
lesion WPGancio
CVE NVD
CVE-2025-14045
URL Media Uploader <= 1.0.1 - Missing Authorization to Authenticated (Contributor+) Safe File Upload
MEDIUM 4.3 2025-12-12
apprhyme URL Media Uploader
CVE NVD
CVE-2025-12968
Infility Global <= 2.14.23 - Authenticated (Subscriber+) Arbitrary File Upload
HIGH 8.8 2025-12-12
infility Infility Global
CVE NVD
CVE-2025-12824
Player Leaderboard 1.0.0 - 1.0.2 - Authenticated (Contributor+) Local File Inclusion
HIGH 8.8 2025-12-12
tharkun69 Player Leaderboard
CVE NVD
CVE-2025-13408
Foxtool All-in-One: Contact chat button, Custom login, Media optimize images <= 2.5.2 - Cross-Site Request Forgery to Google OAuth Connection
MEDIUM 4.3 2025-12-12
foxtheme Foxtool All-in-One: Contact chat button, Custom login, Media optimize images
CVE NVD
CVE-2025-14344
Multi Uploader for Gravity Forms <= 1.1.7 - Unauthenticated Arbitrary File Deletion
CRITICAL 9.8 2025-12-12
sh1zen Multi Uploader for Gravity Forms
CVE NVD
CVE-2025-12883
Campay Woocommerce Payment Gateway <= 1.2.2 - Unauthenticated Payment Bypass
MEDIUM 5.3 2025-12-12
campay Campay Woocommerce Payment Gateway
CVE NVD
CVE-2025-14048
SimplyConvert <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'simplyconvert_hash' Option
MEDIUM 4.4 2025-12-12
jonahsc SimplyConvert
CVE NVD
CVE-2025-14129
Like DisLike Voting <= 1.0.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
MEDIUM 6.1 2025-12-12
wasiul99 Like DisLike Voting
CVE NVD
CVE-2025-13989
WP Dropzone <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'callback' Shortcode Attribute
MEDIUM 6.4 2025-12-12
nazsabuz WP Dropzone
CVE NVD