| CVE-2025-14991 |
Campcodes在线美容店管理系统fromdate参数XSS漏洞 |
低危 |
2.4 |
2025-12-21 |
| CVE-2025-14990 |
Campcodes在线美容院管理系统SQL注入漏洞 |
高危 |
7.3 |
2025-12-21 |
| CVE-2025-14989 |
Campcodes Beauty Parlor Management System SQL注入漏洞 |
高危 |
7.3 |
2025-12-21 |
| CVE-2025-14855 |
WordPress SureForms插件存储型XSS漏洞 |
高危 |
7.2 |
2025-12-21 |
| CVE-2025-14800 |
WordPress Contact Form 7重定向插件任意文件上传漏洞 |
高危 |
8.1 |
2025-12-21 |
| CVE-2025-14080 |
WordPress Frontend Post Submission Manager Lite 未授... |
中危 |
5.3 |
2025-12-21 |
| CVE-2025-14071 |
WordPress Live Composer插件PHP对象注入漏洞 |
高危 |
7.5 |
2025-12-21 |
| CVE-2025-14054 |
| WC Builder WordPress插件存储型XSS漏洞 |
中危 |
4.4 |
2025-12-21 |
| CVE-2025-14043 |
WordPress Tainacan插件未授权元数据创建漏洞 |
中危 |
5.3 |
2025-12-21 |
| CVE-2025-13838 |
WishSuite WordPress插件存储型XSS漏洞 |
中危 |
6.4 |
2025-12-21 |
| CVE-2025-13693 |
WordPress Final Tiles Grid插件存储型XSS漏洞 |
中危 |
6.4 |
2025-12-21 |
| CVE-2025-13361 |
WordPress Web to SugarCRM Lead插件CSRF漏洞 |
中危 |
4.3 |
2025-12-21 |
| CVE-2025-13220 |
WordPress Ultimate Member插件存储型XSS漏洞 |
中危 |
6.4 |
2025-12-21 |
| CVE-2025-12980 |
WordPress PostX插件未授权信息泄露漏洞 |
高危 |
7.5 |
2025-12-21 |
| CVE-2025-12654 |
WPvivid插件任意目录创建漏洞 |
低危 |
2.7 |
2025-12-21 |
| CVE-2025-12398 |
WordPress WooCommerce产品表插件反射型XSS漏洞 |
中危 |
6.1 |
2025-12-21 |
| CVE-2025-11496 |
WordPress餐厅预订插件存储型XSS漏洞 |
中危 |
6.1 |
2025-12-21 |
| CVE-2023-47232 |
WordPress WP Affiliate Disclosure插件CSRF和访问控制漏洞 |
低危 |
4.3 |
2025-12-21 |
| CVE-2023-25446 |
HappyFiles Pro访问控制绕过漏洞 |
高危 |
7.7 |
2025-12-21 |
| CVE-2023-25445 |
HappyFiles Pro 插件访问控制绕过漏洞 |
中危 |
5.4 |
2025-12-21 |
| CVE-2023-25068 |
Magazine Edge WordPress主题缺失授权漏洞 |
中危 |
4.3 |
2025-12-21 |
| CVE-2025-8065 |
Tapo C200/C520WS ONVIF SOAP XML解析器栈缓冲区溢出漏洞 |
中危 |
6.5 |
2025-12-20 |
| CVE-2025-7782 |
WordPress JobHunt插件未授权XSS漏洞 |
高危 |
7.6 |
2025-12-20 |
| CVE-2025-7733 |
WordPress JobHunt插件IDOR漏洞可导致邮件注入攻击 |
中危 |
4.3 |
2025-12-20 |
| CVE-2025-14735 |
WordPress Amazon Affiliate Lite Plugin 存储型XSS漏洞 |
中危 |
4.4 |
2025-12-20 |
| CVE-2025-14734 |
WordPress Amazon affiliate lite插件CSRF漏洞 |
中危 |
5.4 |
2025-12-20 |
| CVE-2025-14721 |
WordPress Responsive and Swipe Slider存储型XSS漏洞 |
中危 |
5.5 |
2025-12-20 |
| CVE-2025-14633 |
WordPress F70 Lead Document Download插件未授权文件访问漏洞 |
中危 |
5.3 |
2025-12-20 |
| CVE-2025-14591 |
Delphix Continuous Compliance EOR配置错误导致PII数据泄露 |
高危 |
7.5 |
2025-12-20 |
| CVE-2025-14300 |
TP-Link Tapo C200 V3 未授权Wi-Fi配置修改漏洞 |
高危 |
8.1 |
2025-12-20 |
| CVE-2025-14299 |
Tapo C200 V3 HTTPS服务器Content-Length验证不当导致拒绝服务 |
中危 |
6.5 |
2025-12-20 |
| CVE-2025-14298 |
FiboSearch插件thegem_te_search短代码存储型XSS漏洞 |
中危 |
5.4 |
2025-12-20 |
| CVE-2025-14168 |
WP DB Booster插件CSRF漏洞可删除数据库记录 |
中危 |
4.3 |
2025-12-20 |
| CVE-2025-14164 |
WordPress Quran Gateway插件CSRF漏洞 |
中危 |
4.3 |
2025-12-20 |
| CVE-2025-13624 |
WordPress Overstock Affiliate Links插件反射型XSS漏洞 |
中危 |
6.1 |
2025-12-20 |
| CVE-2025-13619 |
Flex Store Users插件权限提升漏洞 |
严重 |
9.8 |
2025-12-20 |
| CVE-2025-13365 |
WordPress WP Hallo Welt插件CSRF存储型XSS漏洞 |
中危 |
6.1 |
2025-12-20 |
| CVE-2025-13329 |
WordPress File Uploader for WooCommerce 任意文件上传漏洞 |
严重 |
9.8 |
2025-12-20 |
| CVE-2025-12898 |
WordPress Pretty Google Calendar插件未授权API密钥泄露漏洞 |
中危 |
5.3 |
2025-12-20 |
| CVE-2025-12820 |
Pure WC Variation Swatches插件授权绕过漏洞 |
中危 |
5.3 |
2025-12-20 |
| CVE-2025-12581 |
WordPress Attachments Handler插件反射型XSS漏洞 |
中危 |
6.1 |
2025-12-20 |
| CVE-2025-12492 |
WordPress Ultimate Member插件敏感信息泄露漏洞 |
中危 |
5.3 |
2025-12-20 |
| CVE-2025-68613 |
n8n工作流自动化平台表达式远程代码执行漏洞 |
严重 |
9.9 |
2025-12-19 |
| CVE-2025-68481 |
FastAPI Users OAuth登录状态令牌CSRF漏洞 |
中危 |
5.9 |
2025-12-19 |
| CVE-2025-68478 |
Langflow 路径遍历导致任意文件写入漏洞 |
高危 |
7.1 |
2025-12-19 |
| CVE-2025-68477 |
Langflow API Request组件SSRF漏洞 |
高危 |
7.7 |
2025-12-19 |
| CVE-2025-68457 |
Orejime同意管理器data属性XSS代码执行漏洞 |
中危 |
6.1 |
2025-12-19 |
| CVE-2025-68430 |
CVAT目录遍历漏洞导致敏感目录信息泄露 |
中危 |
4.3 |
2025-12-19 |
| CVE-2025-67846 |
Mintlify Platform部署基础设施降级攻击漏洞 |
中危 |
4.9 |
2025-12-19 |
| CVE-2025-67845 |
| Mintlify 静态资源代理端点目录遍历漏洞 |
中危 |
6.4 |
2025-12-19 |