精确匹配,速度快(10-50ms)
常用厂商: microsoft cisco google apple oracle
10-50ms
示例: microsoft sql_server cisco ios apache http_server
漏洞列表 353571
CVE ID 标题 严重程度 CVSS 发布时间 受影响产品 数据源 操作
CVE-2025-40209
btrfs: fix memory leak of qgroup_list in btrfs_add_qgroup_relation
MEDIUM -1.0 2025-11-21
Linux Linux Linux Linux
CVE NVD
CVE-2025-12750
Groundhogg <= 4.2.6.1 - Authenticated (Admin+) SQL Injection
MEDIUM 4.9 2025-11-21
trainingbusinesspros Groundhogg — CRM, Newsletters, and Marketing Automation
CVE NVD
CVE-2025-12160
Simple User Registration <= 6.6 - Unauthenticated Stored Cross-Site Scripting
HIGH 7.2 2025-11-21
nmedia Simple User Registration
CVE NVD
CVE-2025-12066
WP Delete Post Copies <= 6.0.2 - Authenticated (Admin+) Stored Cross-Site Scripting
MEDIUM 4.4 2025-11-21
etruel WP Delete Post Copies
CVE NVD
CVE-2025-12964
Magical Products Display <= 1.1.29 - Authenticated (Contributor+) Stored Cross-Site Scripting via MPD Pricing Table Widget
MEDIUM 6.4 2025-11-21
nalam-1 Magical Products Display – Elementor WooCommerce Widgets | Product Sliders, Grids & AJAX Search
CVE NVD
CVE-2025-13138
WP Directory Kit <= 1.4.3 - Unauthenticated SQL Injection via select_2_ajax() Function
HIGH 7.5 2025-11-21
listingthemes WP Directory Kit
CVE NVD
CVE-2025-13156
Vitepos – Point of Sale (POS) for WooCommerce <= 3.3.0 - Authenticated (Subscriber+) Arbitrary File Upload to Remote Code Execution
HIGH 8.8 2025-11-21
appsbd Vitepos – Point of Sale (POS) for WooCommerce
CVE NVD
CVE-2025-11808
Shortcode for Google Street View <= 0.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
MEDIUM 6.4 2025-11-21
antiochinteractive Shortcode for Google Street View
CVE NVD
CVE-2025-13141
HT Mega – Absolute Addons For Elementor <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tag Attribute Injection
MEDIUM 6.4 2025-11-21
devitemsllc HT Mega – Absolute Addons For Elementor
CVE NVD
CVE-2025-13149
Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories <= 4.9.1 - Authenticated (Author+) Missing Authorization to Post/Page Status Modification
MEDIUM 4.3 2025-11-21
publishpress Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories
CVE NVD
CVE-2025-11826
WP Company Info <= 1.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
MEDIUM 6.4 2025-11-21
bdeleasa WP Company Info
CVE NVD
CVE-2025-11973
简数采集器 <= 2.6.3 - Authenticated (Admin+) Arbitrary File Read
MEDIUM 4.9 2025-11-21
zhengdon 简数采集器
CVE NVD
CVE-2025-12039
BigBuy Dropshipping Connector for WooCommerce <= 2.0.5 - Unauthenticated IP Spoofing to phpinfo() Exposure
MEDIUM 5.3 2025-11-21
devsmip BigBuy Dropshipping Connector for WooCommerce
CVE NVD
CVE-2025-11803
WPSite Shortcode <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-11-21
wpfanyi WPSite Shortcode
CVE NVD
CVE-2025-11800
Surbma | MiniCRM Shortcode <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-11-21
surbma Surbma | MiniCRM Shortcode
CVE NVD
CVE-2025-11985
Realty Portal <= 0.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
HIGH 8.8 2025-11-21
nootheme Realty Portal
CVE NVD
CVE-2025-11802
Bulma Shortcodes <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-11-21
bartboy011 Bulma Shortcodes
CVE NVD
CVE-2025-11773
Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO <= 2.4.6 - Missing Authorization to Authenticated (Subscriber+) Contract Address Update
MEDIUM 4.3 2025-11-21
beycanpress Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO
CVE NVD
CVE-2025-11763
Display Pages Shortcode <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-11-21
rustybadrobot Display Pages Shortcode
CVE NVD
CVE-2025-13135
HotelRunner Booking Widget <= 5.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
MEDIUM 6.4 2025-11-21
integrationshotelrunner HotelRunner Booking Widget
CVE NVD