精确匹配,速度快(10-50ms)
常用厂商: microsoft cisco google apple oracle
10-50ms
示例: microsoft sql_server cisco ios apache http_server
漏洞列表 353043
CVE ID 标题 严重程度 CVSS 发布时间 受影响产品 数据源 操作
CVE-2025-13614
Cool Tag Cloud <= 2.29 - Authenticated (Contributor+) Stored Cross-Site Scripting
HIGH 8.1 2025-12-05
wpkube Cool Tag Cloud
CVE NVD
CVE-2025-13678
Thai Lottery Widget <= 2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-05
siamlottery Thai Lottery Widget
CVE NVD
CVE-2025-12876
Projectopia – WordPress Project Management <= 5.1.19 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion
MEDIUM 5.3 2025-12-05
projectopia Projectopia – WordPress Project Management
CVE NVD
CVE-2025-12879
User Generator and Importer <= 1.2.2 - Cross-Site Request Forgery to Privilege Escalation via Arbitrary Administrator Account Creation
HIGH 8.8 2025-12-05
vinoth06 User Generator and Importer
CVE NVD
CVE-2025-13739
CryptX <= 4.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-12-05
d3395 CryptX
CVE NVD
CVE-2025-12851
My auctions allegro <= 3.6.32 - Unauthenticated Local File Inclusion via controller
HIGH 8.1 2025-12-05
wphocus My auctions allegro
CVE NVD
CVE-2025-12130
WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors <= 2.6.4 - Cross-Site Request Forgery to Vendor Product Deletion
MEDIUM 4.3 2025-12-05
wcvendors WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors
CVE NVD
CVE-2025-13684
ARK Related Posts <= 2.19 - Cross-Site Request Forgery to Settings Update
MEDIUM 4.3 2025-12-05
alexkar ARK Related Posts
CVE NVD
CVE-2025-12850
My auctions allegro <= 3.6.32 - Unauthenticated SQL Injection via auction_id
HIGH 7.5 2025-12-05
wphocus My auctions allegro
CVE NVD
CVE-2025-13515
Nouri.sh Newsletter <= 1.0.1.3 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
MEDIUM 6.1 2025-12-05
danrajkumar Nouri.sh Newsletter
CVE NVD
CVE-2025-12093
Voidek Employee Portal <= 1.0.6 - Missing Authorization
MEDIUM 5.3 2025-12-05
voidek Voidek Employee Portal
CVE NVD
CVE-2025-12355
Payaza <= 0.3.8 - Missing Authorization to Unauthenticated Order Status Update
MEDIUM 5.3 2025-12-05
bigmaster Payaza
CVE NVD
CVE-2025-12374
Email Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login – User Verification <= 2.0.39 - Authentication Bypass to Account Takeover
CRITICAL 9.8 2025-12-05
pickplugins User Verification by PickPlugins
CVE NVD
CVE-2025-12354
Live CSS Preview <= 2.0.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update
MEDIUM 4.3 2025-12-05
dojodigital Live CSS Preview
CVE NVD
CVE-2025-12373
Torod – The smart shipping and delivery portal for e-shops and retailers <= 1.9 - Cross-Site Request Forgery To Plugin's Settings Modification
MEDIUM 4.3 2025-12-05
torod Torod – The smart shipping and delivery portal for e-shops and retailers
CVE NVD
CVE-2025-12186
Weekly Planner <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting
MEDIUM 4.4 2025-12-05
michael_j_reid Weekly Planner
CVE NVD
CVE-2025-13528
Feedback Modal for Website <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Feedback Data Exfiltration via 'export_data' Parameter
MEDIUM 5.3 2025-12-05
nedwp Feedback Modal for Website
CVE NVD
CVE-2025-13860
Easy Jump Links Menus <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
MEDIUM 6.4 2025-12-05
webradykal Easy Jump Links Menus
CVE NVD
CVE-2025-12154
Auto Thumbnailer <= 1.0 - Authenticated (Contributor+) Arbitrary File Upload
HIGH 8.8 2025-12-05
moderntribe Auto Thumbnailer
CVE NVD
CVE-2025-12190
Image Optimizer by wps.sk <= 1.2.0 - Cross-Site Request Forgery to Bulk Image Optimization
MEDIUM 4.3 2025-12-05
duddi Image Optimizer by wps.sk
CVE NVD