快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 352999
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-14134 |
Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so stack-based overflow
|
HIGH | 8.7 | 2025-12-06 |
Linksys RE6500
Linksys RE6500
+34个
|
CVE NVD | |
| CVE-2025-14133 |
Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so AP_get_wireless_clientlist_setClientsName stack-based overflow
|
HIGH | 8.7 | 2025-12-06 |
Linksys RE6500
Linksys RE6500
+34个
|
CVE NVD | |
| CVE-2025-14126 |
TOZED ZLT M30S/ZLT M30S PRO Web hard-coded credentials
|
HIGH | 8.7 | 2025-12-06 |
TOZED ZLT M30S
TOZED ZLT M30S
+2个
|
CVE NVD | |
| CVE-2025-13065 |
Starter Templates <= 4.4.41 - Authenticated (Author+) Arbitrary File Upload via WXR Upload Bypass
|
HIGH | 8.8 | 2025-12-06 |
brainstormforce Starter Templates – AI-Powered Templates for Elementor & Gutenberg
|
CVE NVD | |
| CVE-2025-12966 |
All-in-One Video Gallery 4.5.4 - 4.5.7 – Authenticated (Author+) Arbitrary File Upload via Import ZIP
|
HIGH | 8.8 | 2025-12-06 |
plugins360 All-in-One Video Gallery
|
CVE NVD | |
| CVE-2025-12499 |
Rich Shortcodes for Google Reviews <= 6.8 - Unauthenticated Stored Cross-Site Scripting via Google Review
|
HIGH | 7.2 | 2025-12-06 |
widgetpack Rich Shortcodes for Google Reviews
|
CVE NVD | |
| CVE-2025-13377 |
10Web Booster <= 2.32.7 - Authenticated (Subscriber+) Arbitrary Folder Deletion via two_clear_page_cache
|
CRITICAL | 9.6 | 2025-12-06 |
10web 10Web Booster – Website speed optimization, Cache & Page Speed optimizer
10web 10web_booster
|
CVE NVD | |
| CVE-2025-13748 |
Fluent Forms <= 6.1.7 - Unauthenticated Insecure Direct Object Reference to Payment Status Tampering via submission_id
|
MEDIUM | 5.3 | 2025-12-06 |
techjewel Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder
|
CVE NVD | |
| CVE-2025-13358 |
Accessiy By CodeConfig Accessibility <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page Creation
|
MEDIUM | 5.3 | 2025-12-06 |
codeconfig CodeConfig Accessibility
|
CVE NVD | |
| CVE-2025-13309 |
Accessiy By CodeConfig Accessibility – Easy One-Click Accessibility Toolbar That Truly Matters <= 1.0.0 - Authenticated (Subscriber+) Missing Authorization to Modify Accessibility Settings
|
MEDIUM | 4.3 | 2025-12-06 |
codeconfig CodeConfig Accessibility
|
CVE NVD | |
| CVE-2025-13894 |
CSV Sumotto <= 1.0 - Reflected Cross-Site Scripting
|
MEDIUM | 6.1 | 2025-12-06 |
sumotto CSV Sumotto
|
CVE NVD | |
| CVE-2025-12091 |
Search, Filters & Merchandising for WooCommerce <= 3.0.63 - Missing Authorization to Authenticated (Subscriber+) Plugin Deactivation
|
MEDIUM | 4.3 | 2025-12-06 |
instantsearchplus Search, Filters & Merchandising for WooCommerce
|
CVE NVD | |
| CVE-2025-13857 |
Yet Another WebClap for WordPress <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
|
MEDIUM | 6.4 | 2025-12-06 |
ksakai Yet Another WebClap for WordPress
|
CVE NVD | |
| CVE-2025-13856 |
Extra Post Images <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
|
MEDIUM | 6.4 | 2025-12-06 |
michaelcole1991 Extra Post Images
|
CVE NVD | |
| CVE-2025-13863 |
RevInsite <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
|
MEDIUM | 6.4 | 2025-12-06 |
krupenik RevInsite
|
CVE NVD | |
| CVE-2025-13907 |
CSS3 Buttons <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
|
MEDIUM | 6.4 | 2025-12-06 |
tunilame CSS3 Buttons
|
CVE NVD | |
| CVE-2025-12717 |
List Attachments Shortcode <= 0.4.1a - Authenticated (Author+) Stored Cross-Site Scripting via list-attachments Shortcode
|
MEDIUM | 6.4 | 2025-12-06 |
cgrymala List Attachments Shortcode
|
CVE NVD | |
| CVE-2025-12577 |
Listar – Directory Listing & Classifieds WordPress Plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Listing Update
|
MEDIUM | 4.3 | 2025-12-06 |
passionui Listar – Directory Listing & Classifieds WordPress Plugin
|
CVE NVD | |
| CVE-2025-12715 |
Canadian Nutrition Facts Label <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Nutrition Label Custom Post Type
|
MEDIUM | 6.4 | 2025-12-06 |
emaude Canadian Nutrition Facts Label
|
CVE NVD | |
| CVE-2025-13656 |
Cute News Ticker <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'color' Shortcode Attribute
|
MEDIUM | 6.4 | 2025-12-06 |
arnabkumar Cute News Ticker
|
CVE NVD |