Vulnerability List 353262
CVE ID Title Severity CVSS Published Affected Products Data Source Actions
CVE-2025-66061
WordPress Seriously Simple Podcasting plugin <= 3.13.0 - Cross Site Request Forgery (CSRF) vulnerability
MEDIUM 4.3 2025-11-21
Craig Hewitt Seriously Simple Podcasting castos seriously_simple_podcasting
CVE NVD
CVE-2025-66060
WordPress Seriously Simple Podcasting plugin <= 3.13.0 - Broken Access Control vulnerability
MEDIUM 5.3 2025-11-21
Craig Hewitt Seriously Simple Podcasting castos seriously_simple_podcasting
CVE NVD
CVE-2025-66059
WordPress Seriously Simple Podcasting plugin <= 3.13.0 - Sensitive Data Exposure vulnerability
MEDIUM 5.3 2025-11-21
Craig Hewitt Seriously Simple Podcasting castos seriously_simple_podcasting
CVE NVD
CVE-2025-66057
WordPress Bold Page Builder plugin <= 5.5.2 - Cross Site Scripting (XSS) vulnerability
MEDIUM 6.3 2025-11-21
boldthemes Bold Page Builder
CVE NVD
CVE-2025-66056
WordPress Uncanny Automator plugin < 6.10.0 - Sensitive Data Exposure vulnerability
MEDIUM 4.3 2025-11-21
Uncanny Owl Uncanny Automator
CVE NVD
CVE-2025-66055
WordPress Email Subscribers & Newsletters plugin <= 5.9.10 - PHP Object Injection vulnerability
HIGH 7.2 2025-11-21
Icegram Email Subscribers & Newsletters
CVE NVD
CVE-2025-66053
WordPress Enfold theme <= 7.1.2 - Cross Site Scripting (XSS) vulnerability
MEDIUM 6.5 2025-11-21
Kriesi Enfold
CVE NVD
CVE-2025-10039
ELEX WordPress HelpDesk & Customer Ticketing System <= 3.2.9 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'eh_crm_ticket_single_view_client'
MEDIUM 4.3 2025-11-21
elextensions ELEX WordPress HelpDesk & Customer Ticketing System elula wsdesk
CVE NVD
CVE-2025-12935
FluentCRM - Marketing Automation For WordPress <= 2.9.84 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'fluentcrm_content' Shortcode
MEDIUM 6.4 2025-11-21
techjewel FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution
CVE NVD
CVE-2025-10054
ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Role Removal
MEDIUM 5.3 2025-11-21
elextensions ELEX WordPress HelpDesk & Customer Ticketing System elula wsdesk
CVE NVD
CVE-2025-40211
ACPI: video: Fix use-after-free in acpi_video_switch_brightness()
MEDIUM -1.0 2025-11-21
Linux Linux Linux Linux
CVE NVD
CVE-2025-40210
Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"
MEDIUM -1.0 2025-11-21
Linux Linux Linux Linux
CVE NVD
CVE-2025-40209
btrfs: fix memory leak of qgroup_list in btrfs_add_qgroup_relation
MEDIUM -1.0 2025-11-21
Linux Linux Linux Linux
CVE NVD
CVE-2025-12750
Groundhogg <= 4.2.6.1 - Authenticated (Admin+) SQL Injection
MEDIUM 4.9 2025-11-21
trainingbusinesspros Groundhogg — CRM, Newsletters, and Marketing Automation
CVE NVD
CVE-2025-12160
Simple User Registration <= 6.6 - Unauthenticated Stored Cross-Site Scripting
HIGH 7.2 2025-11-21
nmedia Simple User Registration
CVE NVD
CVE-2025-12066
WP Delete Post Copies <= 6.0.2 - Authenticated (Admin+) Stored Cross-Site Scripting
MEDIUM 4.4 2025-11-21
etruel WP Delete Post Copies
CVE NVD
CVE-2025-12964
Magical Products Display <= 1.1.29 - Authenticated (Contributor+) Stored Cross-Site Scripting via MPD Pricing Table Widget
MEDIUM 6.4 2025-11-21
nalam-1 Magical Products Display – Elementor WooCommerce Widgets | Product Sliders, Grids & AJAX Search
CVE NVD
CVE-2025-13138
WP Directory Kit <= 1.4.3 - Unauthenticated SQL Injection via select_2_ajax() Function
HIGH 7.5 2025-11-21
listingthemes WP Directory Kit
CVE NVD
CVE-2025-13156
Vitepos – Point of Sale (POS) for WooCommerce <= 3.3.0 - Authenticated (Subscriber+) Arbitrary File Upload to Remote Code Execution
HIGH 8.8 2025-11-21
appsbd Vitepos – Point of Sale (POS) for WooCommerce
CVE NVD
CVE-2025-11808
Shortcode for Google Street View <= 0.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
MEDIUM 6.4 2025-11-21
antiochinteractive Shortcode for Google Street View
CVE NVD