Vulnerability List 353043
CVE ID Title Severity CVSS Published Affected Products Data Source Actions
CVE-2025-12717
List Attachments Shortcode <= 0.4.1a - Authenticated (Author+) Stored Cross-Site Scripting via list-attachments Shortcode
MEDIUM 6.4 2025-12-06
cgrymala List Attachments Shortcode
CVE NVD
CVE-2025-12577
Listar – Directory Listing & Classifieds WordPress Plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Listing Update
MEDIUM 4.3 2025-12-06
passionui Listar – Directory Listing & Classifieds WordPress Plugin
CVE NVD
CVE-2025-12715
Canadian Nutrition Facts Label <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Nutrition Label Custom Post Type
MEDIUM 6.4 2025-12-06
emaude Canadian Nutrition Facts Label
CVE NVD
CVE-2025-13656
Cute News Ticker <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'color' Shortcode Attribute
MEDIUM 6.4 2025-12-06
arnabkumar Cute News Ticker
CVE NVD
CVE-2025-13899
TR Timthumb <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-06
pntrinh TR Timthumb
CVE NVD
CVE-2025-13308
Application Passwords <= 0.1.3 - Reflected Cross-Site Scripting via reject_url
MEDIUM 5.4 2025-12-06
georgestephanis Application Passwords
CVE NVD
CVE-2025-13666
Helloprint <= 2.1.2 - Missing Authorization to Unauthenticated Arbitrary Order Status Modification
MEDIUM 5.3 2025-12-06
helloprint Plug your WooCommerce into the largest catalog of customized print products from Helloprint
CVE NVD
CVE-2025-13629
WP Landing Page <= 0.9.3 - Cross-Site Request Forgery to Arbitrary Post Meta Update
MEDIUM 4.3 2025-12-06
xbenx WP Landing Page
CVE NVD
CVE-2025-12673
Flex QR Code Generator <= 1.2.6 - Unauthenticated Arbitrary File Upload
CRITICAL 9.8 2025-12-06
ajitdas Flex QR Code Generator
CVE NVD
CVE-2025-12720
g-FFL Cockpit <= 1.7.1 - Improper Authorization to Unauthenticated Product Deletion
MEDIUM 5.3 2025-12-06
garidium g-FFL Cockpit
CVE NVD
CVE-2025-12574
Listar – Directory Listing & Classifieds WordPress Plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion
MEDIUM 4.3 2025-12-06
passionui Listar – Directory Listing & Classifieds WordPress Plugin
CVE NVD
CVE-2025-12721
g-FFL Cockpit <= 1.7.1 - Missing Authorization to Unauthenticated Information Exposure
MEDIUM 5.3 2025-12-06
garidium g-FFL Cockpit
CVE NVD
CVE-2025-13896
Social Feed Gallery Portfolio <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute
MEDIUM 6.4 2025-12-06
wpdiscover Social Feed Gallery Portfolio
CVE NVD
CVE-2025-13898
Ultra Skype Button <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'btn_id' Shortcode Attribute
MEDIUM 6.4 2025-12-06
sozan45 Ultra Skype Button
CVE NVD
CVE-2025-13137
Live Sales Notification for Woocommerce – Woomotiv <= 3.6.3 - Reflected Cross-Site Scripting
MEDIUM 6.1 2025-12-06
delabon Live Sales Notification for Woocommerce – Woomotiv
CVE NVD
CVE-2025-13626
myLCO <= 0.8.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
MEDIUM 6.1 2025-12-06
realloc myLCO
CVE NVD
CVE-2025-14117
fit2cloud Halo cross-site request forgery
MEDIUM 5.3 2025-12-06
fit2cloud Halo fit2cloud halo
CVE NVD
CVE-2025-13292
Google Apigee-X security vulnerability
HIGH 7.6 2025-12-06
Google Cloud Apigee-X
CVE NVD +1
CVE-2025-13922
Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Authenticated (Contributor+) SQL Injection via ORDER BY Clause
MEDIUM 6.5 2025-12-06
stevejburge Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI
CVE NVD
CVE-2025-12505
weDocs <= 2.1.14 - Missing Authorization to Settings Update
MEDIUM 5.4 2025-12-06
wedevs weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot
CVE NVD