CVE 列表 – 发现高风险与在野利用漏洞

聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。

分配机构(CNA / 来源):[email protected] 移除此筛选

显示 12114016964 条结果
CVE 描述 最高 CVSS EPSS % 公开时间 更新时间
CVE-2022-29448 Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress. 6.8 0.98% 2022-05-20 2026-06-17
CVE-2022-29426 Authenticated (contributor or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team's Slideshow, Image Slider by 2J plugin <= 1.3.54 at WordPress. 5.4 0.49% 2022-05-20 2026-06-17
CVE-2022-29427 Cross-Site Request Forgery (CSRF) vulnerability in Aftab Muni's Disable Right Click For WP plugin <= 1.1.6 at WordPress. 4.3 0.40% 2022-05-20 2026-06-17
CVE-2022-29428 Cross-Site Scripting (XSS) vulnerability in Muneeb's WP Slider Plugin <= 1.4.5 at WordPress. 4.1 0.49% 2022-05-20 2026-06-17
CVE-2022-29430 Cross-Site Scripting (XSS) vulnerability in KubiQ's PNG to JPG plugin <= 4.0 at WordPress via Cross-Site Request Forgery (CSRF). Vulnerable parameter &jpg_quality. 4.7 0.34% 2022-05-20 2026-06-17
CVE-2022-29431 Cross-Site Request Forgery (CSRF) vulnerability in KubiQ CPT base plugin <= 5.8 at WordPress allows an attacker to delete the CPT base. 5.4 0.36% 2022-05-20 2026-06-17
CVE-2022-29432 Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable parameters. 3.4 0.49% 2022-05-20 2026-06-17
CVE-2022-29434 Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events. 6.3 0.66% 2022-05-20 2026-06-17
CVE-2022-29447 Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress. 6.8 0.98% 2022-05-20 2026-06-17
CVE-2022-29408 Persistent Cross-Site Scripting (XSS) vulnerability in Vsourz Digital's Advanced Contact form 7 DB plugin <= 1.8.7 at WordPress. 4.7 0.66% 2022-05-25 2026-06-17
CVE-2021-36866 Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Easy Pricing Tables plugin <= 3.1.2 at WordPress. 4.8 0.52% 2022-06-02 2026-06-16
CVE-2021-36890 Cross-Site Request Forgery (CSRF) vulnerability in Social Share Buttons by Supsystic plugin <= 2.2.2 at WordPress. 4.3 0.40% 2022-06-02 2026-06-16
CVE-2022-29455 DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions. 4.7 23.18% 2022-06-13 2026-06-17
CVE-2021-36901 Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Phil Baker's Age Gate plugin <= 2.17.0 at WordPress. 6.1 0.76% 2022-06-15 2026-06-16
CVE-2022-27859 Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark d.o.o. Travel Management plugin <= 2.0 at WordPress. 4.1 0.62% 2022-06-15 2026-06-17
CVE-2022-29406 Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in DynamicWebLab's WordPress Team Manager plugin <= 1.6.9 at WordPress. 4.1 0.58% 2022-06-15 2026-06-17
CVE-2022-29437 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Image Slider by NextCode plugin <= 1.1.2 at WordPress. 5.4 0.41% 2022-06-15 2026-06-17
CVE-2022-29438 Authenticated (author or higher user role) Persistent Cross-Site Scripting (XSS) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress. 4.8 0.51% 2022-06-15 2026-06-17
CVE-2022-29439 Cross-Site Request Forgery (CSRF) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress allows deleting slides. 5.4 0.39% 2022-06-15 2026-06-17
CVE-2022-29440 Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Promotion Slider plugin <= 3.3.4 at WordPress. 5.4 0.51% 2022-06-15 2026-06-17
cvelogic Threat Intelligence