| CVE-2025-67932 |
Listeo Core插件反射型XSS漏洞 |
高危 |
7.1 |
2026-01-08 |
| CVE-2025-67931 |
WordPress BulletProof Security插件敏感信息泄露漏洞 |
高危 |
7.5 |
2026-01-08 |
| CVE-2025-67930 |
eHive Search插件反射型XSS漏洞 |
高危 |
7.1 |
2026-01-08 |
| CVE-2025-67928 |
WordPress Automotive Listings插件SQL注入漏洞 |
严重 |
9.3 |
2026-01-08 |
| CVE-2025-67927 |
Link Whisper Free插件反射型XSS漏洞 |
高危 |
7.1 |
2026-01-08 |
| CVE-2025-67926 |
WordPress Fluent Support插件访问控制缺陷漏洞 |
中危 |
6.5 |
2026-01-08 |
| CVE-2025-67925 |
| Corpkit WordPress主题本地文件包含漏洞 |
高危 |
7.5 |
2026-01-08 |
| CVE-2025-67924 |
WordPress Corpkit主题任意文件上传漏洞 |
严重 |
9.9 |
2026-01-08 |
| CVE-2025-67922 |
WordPress Grand Restaurant主题反射型XSS漏洞 |
高危 |
7.1 |
2026-01-08 |
| CVE-2025-67921 |
WordPress Lobo主题Blind SQL注入漏洞 |
高危 |
8.5 |
2026-01-08 |
| CVE-2025-67920 |
Neo Ocular WordPress主题本地文件包含漏洞 |
高危 |
8.1 |
2026-01-08 |
| CVE-2025-67919 |
Woffice Core授权绕过漏洞 |
中危 |
6.5 |
2026-01-08 |
| CVE-2025-67918 |
Woffice主题反射型XSS跨站脚本漏洞 |
高危 |
7.1 |
2026-01-08 |
| CVE-2025-67917 |
WordPress Traveler主题访问控制漏洞 |
中危 |
6.5 |
2026-01-08 |
| CVE-2025-67916 |
WordPress Jobify主题反射型XSS跨站脚本漏洞 |
高危 |
7.1 |
2026-01-08 |
| CVE-2025-67915 |
Timetics WordPress插件认证绕过漏洞 |
高危 |
8.8 |
2026-01-08 |
| CVE-2025-67914 |
VidMov主题路径遍历漏洞 |
高危 |
7.7 |
2026-01-08 |
| CVE-2025-67913 |
Aruba HiSpeed Cache插件缺失授权访问控制漏洞 |
中危 |
6.5 |
2026-01-08 |
| CVE-2025-67911 |
WordPress Newsletters插件反序列化对象注入漏洞 |
严重 |
9.8 |
2026-01-08 |
| CVE-2025-67910 |
Contentstudio WordPress插件任意文件上传漏洞 |
严重 |
9.1 |
2026-01-08 |
| CVE-2025-67825 |
Nitro PDF Pro签名验证信息显示不一致漏洞 |
中危 |
5.5 |
2026-01-08 |
| CVE-2025-67325 |
QloApps酒店评论功能无限制文件上传导致远程代码执行 |
严重 |
9.8 |
2026-01-08 |
| CVE-2025-67091 |
GL-Inet AX1800 opkg-call符号链接攻击漏洞 |
中危 |
6.5 |
2026-01-08 |
| CVE-2025-67090 |
| Gl.Inet AX1800 LuCI Web界面缺少认证速率限制 |
中危 |
5.1 |
2026-01-08 |
| CVE-2025-67089 |
GL-iNet GL-AXT1800路由器命令注入漏洞 |
高危 |
8.1 |
2026-01-08 |
| CVE-2025-66916 |
RuoYi-Vue-Plus snailjob组件QLExpress表达式注入漏洞 |
严重 |
9.4 |
2026-01-08 |
| CVE-2025-66913 |
JimuReport <=2.1.3 H2 JDBC URL远程代码执行漏洞(CVE-2025-66... |
严重 |
9.8 |
2026-01-08 |
| CVE-2025-66001 |
NeuVector OpenID Connect TLS验证缺失导致中间人攻击漏洞 |
高危 |
8.8 |
2026-01-08 |
| CVE-2025-65731 |
D-Link DIR-605L路由器UART串口未授权访问导致命令执行漏洞(CVE-2025-657... |
中危 |
6.8 |
2026-01-08 |
| CVE-2025-65518 |
Plesk Obsidian get_password.php拒绝服务漏洞(CVE-2025-655... |
高危 |
7.5 |
2026-01-08 |
| CVE-2025-63611 |
phpgurukul Hostel Management System v2.1 存储型XSS漏洞 |
高危 |
8.7 |
2026-01-08 |
| CVE-2025-62877 |
SUSE Harvester交互式安装程序暴露默认SSH密码漏洞(CVE-2025-62877) |
严重 |
9.8 |
2026-01-08 |
| CVE-2025-61550 |
Print Shop Pro WebDesk 存储型XSS漏洞 |
中危 |
5.4 |
2026-01-08 |
| CVE-2025-61549 |
Print Shop Pro WebDesk LoginID参数XSS漏洞 |
中危 |
6.1 |
2026-01-08 |
| CVE-2025-61548 |
Print Shop Pro WebDesk SQL注入漏洞 |
严重 |
9.8 |
2026-01-08 |
| CVE-2025-61547 |
Print Shop Pro WebDesk CSRF跨站请求伪造漏洞 |
中危 |
6.8 |
2026-01-08 |
| CVE-2025-61546 |
Print Shop Pro WebDesk 负数量购买业务逻辑漏洞 |
严重 |
9.1 |
2026-01-08 |
| CVE-2025-61246 |
indieka900在线购物系统SQL注入漏洞 |
严重 |
9.8 |
2026-01-08 |
| CVE-2025-59470 |
Veeam Backup & Replication Backup Operator远程代码执行漏洞 |
严重 |
9.0 |
2026-01-08 |
| CVE-2025-59469 |
Veeam Backup权限提升漏洞 |
严重 |
9.0 |
2026-01-08 |
| CVE-2025-59468 |
Veeam Backup & Replication 备份管理员远程代码执行漏洞 |
严重 |
9.0 |
2026-01-08 |
| CVE-2025-56425 |
enaio AppConnector SMTP命令注入漏洞 |
严重 |
9.1 |
2026-01-08 |
| CVE-2025-56424 |
e-invoice pro XXE注入导致拒绝服务漏洞 |
高危 |
7.5 |
2026-01-08 |
| CVE-2025-55125 |
Veeam备份配置文件漏洞允许低权限用户以root权限执行代码 |
高危 |
7.8 |
2026-01-08 |
| CVE-2025-50334 |
Technitium DNS Server rate-limiting组件拒绝服务漏洞 |
高危 |
7.5 |
2026-01-08 |
| CVE-2025-27004 |
WordPress Famous插件反射型XSS漏洞 |
高危 |
7.1 |
2026-01-08 |
| CVE-2025-27002 |
WordPress CountDown插件反射型XSS漏洞 |
高危 |
7.1 |
2026-01-08 |
| CVE-2025-23993 |
Felan Framework SQL注入漏洞 |
严重 |
9.3 |
2026-01-08 |
| CVE-2025-23504 |
Felan Framework 认证绕过漏洞 |
严重 |
9.8 |
2026-01-08 |
| CVE-2025-22728 |
Workreap主题插件SQL注入漏洞 |
高危 |
8.5 |
2026-01-08 |