| CVE-2025-13441 |
WordPress WooCommerce插件缺少授权导致缓存刷新漏洞 |
中危 |
5.3 |
2025-11-27 |
| CVE-2025-13381 |
WordPress AYS ChatGPT插件未授权文件上传漏洞 |
中危 |
5.3 |
2025-11-27 |
| CVE-2025-13378 |
WordPress AYS ChatGPT插件SSRF漏洞 |
中危 |
6.5 |
2025-11-27 |
| CVE-2025-13157 |
WordPress QODE Wishlist插件IDOR漏洞 |
中危 |
5.3 |
2025-11-27 |
| CVE-2025-13143 |
WordPress Opinion Stage插件CSRF漏洞 |
中危 |
4.3 |
2025-11-27 |
| CVE-2025-12971 |
WordPress Folders插件权限绕过导致未授权文件夹操作 |
中危 |
4.3 |
2025-11-27 |
| CVE-2025-12758 |
validator.js isLength()函数Unicode变体选择符过滤不完整漏洞 |
高危 |
7.5 |
2025-11-27 |
| CVE-2025-12713 |
WordPress Soundslides插件1.4.2及之前版本存储型XSS漏洞 |
中危 |
6.4 |
2025-11-27 |
| CVE-2025-12712 |
WordPress Shouty插件存储型XSS漏洞 |
中危 |
6.4 |
2025-11-27 |
| CVE-2025-12670 |
WordPress wp-twitpic插件存储型XSS漏洞 |
中危 |
6.4 |
2025-11-27 |
| CVE-2025-12666 |
WordPress Google Drive插件存储型XSS漏洞 |
中危 |
6.4 |
2025-11-27 |
| CVE-2025-12649 |
WordPress SortTable Post插件存储型XSS漏洞 |
中危 |
6.4 |
2025-11-27 |
| CVE-2025-12584 |
WordPress Quick View for WooCommerce插件信息泄露漏洞 |
中危 |
5.3 |
2025-11-27 |
| CVE-2025-12579 |
WordPress Reuters Direct插件未授权设置重置漏洞 |
中危 |
5.3 |
2025-11-27 |
| CVE-2025-12578 |
WordPress Reuters Direct插件CSRF漏洞 |
中危 |
4.3 |
2025-11-27 |
| CVE-2025-12559 |
Mattermost团队邮箱地址信息泄露漏洞 |
中危 |
4.3 |
2025-11-27 |
| CVE-2025-12421 |
Mattermost认证令牌验证缺陷导致账户接管漏洞 |
严重 |
9.9 |
2025-11-27 |
| CVE-2025-12419 |
Mattermost OAuth状态令牌验证不当账户劫持漏洞 |
严重 |
9.9 |
2025-11-27 |
| CVE-2025-12185 |
WordPress StaffList插件Stored XSS漏洞(CVE-2025-12185) |
中危 |
4.4 |
2025-11-27 |
| CVE-2025-12151 |
Simple Folio插件存储型XSS漏洞 |
中危 |
6.4 |
2025-11-27 |
| CVE-2025-12123 |
WordPress WooCommerce评论收集插件反射型XSS漏洞 |
中危 |
6.1 |
2025-11-27 |
| CVE-2025-10476 |
WP Fastest Cache插件wpfc_db_fix_callback函数权限绕过漏洞 |
中危 |
4.3 |
2025-11-27 |
| CVE-2025-9558 |
Zephyr RTOS pb_adv.c越界写入漏洞 |
高危 |
7.6 |
2025-11-26 |
| CVE-2025-9557 |
Zephyr RTOS越界写入漏洞可导致代码执行 |
高危 |
7.6 |
2025-11-26 |
| CVE-2025-9191 |
WordPress Houzez主题PHP对象注入漏洞 |
中危 |
6.3 |
2025-11-26 |
| CVE-2025-9163 |
WordPress Houzez主题SVG上传存储型XSS漏洞 |
中危 |
6.1 |
2025-11-26 |
| CVE-2025-7449 |
GitLab HTTP响应处理拒绝服务漏洞 |
中危 |
6.5 |
2025-11-26 |
| CVE-2025-66263 |
Mozart FM Transmitter download_setting.php 任意文件读取漏... |
高危 |
7.5 |
2025-11-26 |
| CVE-2025-66262 |
DB Electronica Mozart FM Transmitter 任意文件覆盖漏洞 |
严重 |
9.8 |
2025-11-26 |
| CVE-2025-66261 |
DB Electronica Mozart FM Transmitter 未授权命令注入漏洞 |
严重 |
9.8 |
2025-11-26 |
| CVE-2025-66260 |
Mozart FM Transmitter status_sql.php SQL注入漏洞 |
中危 |
6.5 |
2025-11-26 |
| CVE-2025-66259 |
DB Electronica Mozart FM Transmitter 认证后RCE漏洞 |
严重 |
9.8 |
2025-11-26 |
| CVE-2025-66258 |
DB Electronica Mozart FM Transmitter存储型XSS漏洞 |
中危 |
5.4 |
2025-11-26 |
| CVE-2025-66257 |
DB Electronica Mozart FM Transmitter 未认证任意文件删除漏洞 |
严重 |
9.1 |
2025-11-26 |
| CVE-2025-66256 |
DB Electronica Mozart FM Transmitter未授权任意文件上传漏洞 |
严重 |
9.8 |
2025-11-26 |
| CVE-2025-66255 |
DB Electronica Mozart FM Transmitter未授权任意文件上传漏洞 |
严重 |
9.8 |
2025-11-26 |
| CVE-2025-66254 |
DB Electronica Mozart FM Transmitter未授权任意文件删除漏洞 |
严重 |
9.1 |
2025-11-26 |
| CVE-2025-66253 |
DB Electronica Mozart FM Transmitter start_upgrade... |
严重 |
9.8 |
2025-11-26 |
| CVE-2025-66252 |
Mozart FM Transmitter status_contents.php无限循环DoS漏洞 |
高危 |
7.5 |
2025-11-26 |
| CVE-2025-66251 |
DB Electronica Mozart FM Transmitter 路径遍历任意文件删除漏洞 |
严重 |
9.1 |
2025-11-26 |
| CVE-2025-66250 |
DB Electronica Mozart FM Transmitter 未授权任意文件上传漏洞 |
严重 |
9.8 |
2025-11-26 |
| CVE-2025-66031 |
node-forge ASN.1递归解析栈溢出漏洞 |
高危 |
7.5 |
2025-11-26 |
| CVE-2025-66030 |
node-forge ASN.1 OID整数溢出漏洞 |
中危 |
5.3 |
2025-11-26 |
| CVE-2025-66028 |
OneUptime登录响应权限提升漏洞 |
高危 |
8.2 |
2025-11-26 |
| CVE-2025-66026 |
REDAXO CMS Mediapool反射型XSS漏洞 (CVE-2025-66026) |
中危 |
6.1 |
2025-11-26 |
| CVE-2025-66025 |
Caido Markdown渲染器钓鱼漏洞 |
中危 |
4.3 |
2025-11-26 |
| CVE-2025-66022 |
FACTION Framework 远程代码执行漏洞 |
严重 |
9.6 |
2025-11-26 |
| CVE-2025-66021 |
OWASP Java HTML Sanitizer XSS漏洞 |
中危 |
6.1 |
2025-11-26 |
| CVE-2025-66020 |
Valibot EMOJI_REGEX正则表达式拒绝服务漏洞 |
高危 |
7.5 |
2025-11-26 |
| CVE-2025-65966 |
OneUptime低权限用户账户创建漏洞 |
高危 |
8.1 |
2025-11-26 |