CVE 列表 – 发现高风险与在野利用漏洞

聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。

分配机构(CNA / 来源):[email protected] 移除此筛选

显示 1201205 条结果
«« 第一页 « 上一页 第 1 / 61 页 下一页 »
CVE 描述 最高 CVSS EPSS % 公开时间 更新时间
CVE-2021-36879 Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). Possible if WordPress configuration allows user registration. 9.8 2.11% 2021-09-27 2026-06-16
CVE-2021-36888 Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate (versions <= 9.6.1) WordPress plugin. 9.8 6.74% 2021-12-15 2026-06-16
CVE-2022-27862 Arbitrary File Upload leading to RCE in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 on WordPress allows attackers to upload and execute dangerous file types (e.g. PHP shell) via the signature upload on the booking form. 9.8 1.64% 2022-04-19 2026-06-17
CVE-2022-28700 Authenticated Arbitrary File Creation via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress. 9.1 1.45% 2022-07-21 2026-06-17
CVE-2022-30998 Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. 9.1 0.70% 2022-07-22 2026-06-17
CVE-2022-33198 Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin <= 2.0.2 at WordPress. 9.8 2.65% 2022-07-21 2026-06-17
CVE-2022-33965 Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plugin <= 5.7 at WordPress. 9.3 3.41% 2022-07-25 2026-06-17
CVE-2022-34149 Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress. 9.8 0.97% 2022-08-22 2026-06-17
CVE-2022-34487 Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin <= 3.0.2 at WordPress. 9.8 2.65% 2022-07-21 2026-06-17
CVE-2022-34858 Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at WordPress. 9.8 1.27% 2022-08-22 2026-06-17
CVE-2022-36386 Authenticated Arbitrary Code Execution vulnerability in Soflyy Import any XML or CSV File to WordPress plugin <= 3.6.7 at WordPress. 9.1 1.08% 2022-09-21 2026-06-17
CVE-2022-40200 Auth. (subscriber+) Arbitrary File Upload vulnerability in wpForo Forum plugin <= 2.0.9 on WordPress. 9.9 0.89% 2022-11-17 2026-06-17
CVE-2022-42497 Arbitrary Code Execution vulnerability in Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress. 10.0 1.06% 2022-11-18 2026-06-17
CVE-2022-42698 Unauth. Arbitrary File Upload vulnerability in WordPress Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress. 9.8 0.89% 2022-11-18 2026-06-17
CVE-2022-42699 Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin <= 1.5.1 on WordPress. 9.1 1.32% 2022-12-06 2026-06-17
CVE-2022-42888 Unauth. Privilege Escalation vulnerability in ARMember premium plugin <= 5.5.1 on WordPress. 9.8 0.69% 2022-12-06 2026-06-17
CVE-2022-43462 Auth. SQL Injection (SQLi) vulnerability in Adeel Ahmed's IP Blacklist Cloud plugin <= 5.00 versions. 9.1 0.72% 2023-01-17 2026-06-17
CVE-2022-44580 SQL Injection (SQLi) vulnerability in RichPlugins Plugin for Google Reviews plugin <= 2.2.3 versions. 9.1 0.63% 2023-03-15 2026-06-17
CVE-2022-44584 Unauth. Arbitrary File Deletion vulnerability in WatchTowerHQ plugin <= 3.6.15 on WordPress. 9.1 0.82% 2022-11-18 2026-06-17
CVE-2022-44588 Unauth. SQL Injection vulnerability in Cryptocurrency Widgets Pack Plugin <=1.8.1 on WordPress. 9.9 2.27% 2022-12-15 2026-06-17
«« 第一页 « 上一页 第 1 / 61 页 下一页 »
cvelogic Threat Intelligence