聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。
分配机构(CNA / 来源):[email protected] 移除此筛选
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2025-48153 | Cross-Site Request Forgery (CSRF) vulnerability in Atakan Au Import CDN-Remote Images import-cdn-remote-images allows Stored XSS.This issue affects Import CDN-Remote Images: from n/a through <= 2.1.2. | 7.1 | 0.08% | 2025-07-16 | 2026-06-17 |
| CVE-2025-48146 | Cross-Site Request Forgery (CSRF) vulnerability in Michael Lups SEO Flow by LupsOnline lupsonline-link-netwerk allows Stored XSS.This issue affects SEO Flow by LupsOnline: from n/a through <= 2.2.1. | 7.1 | 0.08% | 2025-05-16 | 2026-06-17 |
| CVE-2025-48144 | Cross-Site Request Forgery (CSRF) vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Stored XSS.This issue affects Import Export For WooCommerce: from n/a through <= 1.6.2. | 7.1 | 0.08% | 2025-05-16 | 2026-06-17 |
| CVE-2025-48114 | Cross-Site Request Forgery (CSRF) vulnerability in Shayan Farhang Pazhooh ShayanWeb Admin FontChanger shayanweb-admin-fontchanger allows Stored XSS.This issue affects ShayanWeb Admin FontChanger: from n/a through <= 1.9.1. | 7.1 | 0.08% | 2025-05-16 | 2026-06-17 |
| CVE-2025-47685 | Cross-Site Request Forgery (CSRF) vulnerability in Moloni Contribuinte Checkout contribuinte-checkout allows Stored XSS.This issue affects Contribuinte Checkout: from n/a through <= 2.0.03. | 7.1 | 0.08% | 2025-05-07 | 2026-06-17 |
| CVE-2025-47655 | Cross-Site Request Forgery (CSRF) vulnerability in themarketer2023 theMarketer themarketer allows Stored XSS.This issue affects theMarketer: from n/a through <= 1.4.7. | 7.1 | 0.08% | 2025-05-07 | 2026-06-17 |
| CVE-2025-47648 | Cross-Site Request Forgery (CSRF) vulnerability in axima Pays – WooCommerce Payment Gateway axima-payment-gateway allows Stored XSS.This issue affects Pays – WooCommerce Payment Gateway: from n/a through <= 2.6. | 7.1 | 0.08% | 2025-05-07 | 2026-06-17 |
| CVE-2025-47639 | Cross-Site Request Forgery (CSRF) vulnerability in Supertext Supertext Translation and Proofreading polylang-supertext allows Stored XSS.This issue affects Supertext Translation and Proofreading: from n/a through <= 4.26. | 7.1 | 0.08% | 2025-05-07 | 2026-06-17 |
| CVE-2025-47620 | Cross-Site Request Forgery (CSRF) vulnerability in bundgaard Martins Free Monetized Ad Exchange Network martins-free-and-easy-ad-network-get-more-visitors allows Reflected XSS.This issue affects Martins Free Monetized Ad Exchange Network: from n/a through <= 1.0.6. | 7.1 | 0.08% | 2025-05-07 | 2026-06-17 |
| CVE-2025-47517 | Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Accept Donations with PayPal & Stripe easy-paypal-donation allows Stored XSS.This issue affects Accept Donations with PayPal & Stripe: from n/a through <= 1.4.5. | 7.1 | 0.08% | 2025-05-07 | 2026-06-17 |
| CVE-2025-47514 | Cross-Site Request Forgery (CSRF) vulnerability in Eli ELI's Related Posts Footer Links and Widget spostarbust allows Stored XSS.This issue affects ELI's Related Posts Footer Links and Widget: from n/a through <= 1.2.04.20. | 7.1 | 0.08% | 2025-05-07 | 2026-06-17 |
| CVE-2025-46510 | Cross-Site Request Forgery (CSRF) vulnerability in harrysudana Contact Form 7 Calendar cf7-calendar allows Stored XSS.This issue affects Contact Form 7 Calendar: from n/a through <= 3.0.1. | 7.1 | 0.08% | 2025-04-24 | 2026-06-17 |
| CVE-2025-46507 | Cross-Site Request Forgery (CSRF) vulnerability in ldrumm Unsafe Mimetypes unsafe-mimetypes allows Stored XSS.This issue affects Unsafe Mimetypes: from n/a through <= 0.1.4. | 7.1 | 0.08% | 2025-04-24 | 2026-06-17 |
| CVE-2025-46466 | Cross-Site Request Forgery (CSRF) vulnerability in felixtz Modern Polls modern-polls allows Stored XSS.This issue affects Modern Polls: from n/a through <= 1.0.10. | 7.1 | 0.08% | 2025-04-24 | 2026-06-17 |
| CVE-2025-43840 | Cross-Site Request Forgery (CSRF) vulnerability in ref CheckBot checkbot allows Stored XSS.This issue affects CheckBot: from n/a through <= 1.05. | 7.1 | 0.08% | 2025-05-19 | 2026-06-17 |
| CVE-2025-39442 | Cross-Site Request Forgery (CSRF) vulnerability in MessageMetric Review Wave – Google Places Reviews review-wave-google-places-reviews allows Stored XSS.This issue affects Review Wave – Google Places Reviews: from n/a through <= 1.4.7. | 7.1 | 0.08% | 2025-04-17 | 2026-06-17 |
| CVE-2025-39440 | Cross-Site Request Forgery (CSRF) vulnerability in Rajesh Broken Links Remover broken-links-remover allows Stored XSS.This issue affects Broken Links Remover: from n/a through <= 1.2.2. | 7.1 | 0.08% | 2025-04-17 | 2026-06-17 |
| CVE-2025-39431 | Cross-Site Request Forgery (CSRF) vulnerability in Aaron Forgue Amazon Showcase WordPress Plugin amazon-showcase-wordpress-widget allows Stored XSS.This issue affects Amazon Showcase WordPress Plugin: from n/a through <= 2.2. | 7.1 | 0.08% | 2025-04-17 | 2026-06-17 |
| CVE-2025-39430 | Cross-Site Request Forgery (CSRF) vulnerability in Alexander Rauscha mLanguage mlanguage allows Stored XSS.This issue affects mLanguage: from n/a through <= 1.6.1. | 7.1 | 0.08% | 2025-04-17 | 2026-06-17 |
| CVE-2025-39424 | Cross-Site Request Forgery (CSRF) vulnerability in simplemaps Simple Maps interactive-maps allows Stored XSS.This issue affects Simple Maps: from n/a through <= 0.98. | 7.1 | 0.08% | 2025-04-17 | 2026-06-17 |