聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。
分配机构(CNA / 来源):[email protected] 移除此筛选
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2022-34487 | Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin <= 3.0.2 at WordPress. | 9.8 | 2.65% | 2022-07-21 | 2026-06-17 |
| CVE-2022-27235 | Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | 6.3 | 0.69% | 2022-07-22 | 2026-06-17 |
| CVE-2022-29495 | Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.11 at WordPress allows an attacker to update plugin settings. | 5.4 | 0.41% | 2022-07-22 | 2026-06-17 |
| CVE-2022-30998 | Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. | 9.1 | 0.70% | 2022-07-22 | 2026-06-17 |
| CVE-2022-33191 | Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul's Testimonials plugin <= 3.0.1 at WordPress. | 4.1 | 0.46% | 2022-07-22 | 2026-06-17 |
| CVE-2022-33901 | Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <= 4.13.1 at WordPress. | 5.3 | 2.19% | 2022-07-22 | 2026-06-17 |
| CVE-2022-33960 | Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | 8.5 | 0.77% | 2022-07-22 | 2026-06-17 |
| CVE-2022-34650 | Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. | 4.1 | 0.46% | 2022-07-22 | 2026-06-17 |
| CVE-2022-34839 | Authentication Bypass vulnerability in CodexShaper's WP OAuth2 Server plugin <= 1.0.1 at WordPress. | 5.9 | 0.86% | 2022-07-22 | 2026-06-17 |
| CVE-2022-34853 | Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. | 4.1 | 0.46% | 2022-07-22 | 2026-06-17 |
| CVE-2022-33965 | Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plugin <= 5.7 at WordPress. | 9.3 | 3.41% | 2022-07-25 | 2026-06-17 |
| CVE-2022-33969 | Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin <= 2.6.0 at WordPress. | 7.2 | 0.96% | 2022-07-25 | 2026-06-17 |
| CVE-2022-36375 | Authenticated (high role user) WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin <= 3.6.0 at WordPress. | 7.2 | 0.96% | 2022-07-25 | 2026-06-17 |
| CVE-2022-33970 | Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress. | 7.2 | 0.90% | 2022-07-27 | 2026-06-17 |
| CVE-2022-33943 | Authenticated (contributor or higher user role) Cross-Site Scripting (XSS) vulnerability in Nico Amarilla's BxSlider WP plugin <= 2.0.0 at WordPress. | 5.4 | 0.46% | 2022-07-27 | 2026-06-17 |
| CVE-2022-35882 | Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in GS Plugins GS Testimonial Slider plugin <= 1.9.5 at WordPress. | 4.8 | 0.46% | 2022-07-28 | 2026-06-17 |
| CVE-2022-36378 | Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Floating Div plugin <= 3.0 at WordPress. | 4.8 | 0.46% | 2022-07-29 | 2026-06-17 |
| CVE-2022-34154 | Authenticated (author or higher user role) Arbitrary File Upload vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress. | 7.2 | 0.98% | 2022-08-01 | 2026-06-17 |
| CVE-2022-36343 | Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress. | 3.4 | 0.45% | 2022-08-01 | 2026-06-17 |
| CVE-2021-36861 | Cross-Site Request Forgery (CSRF) vulnerability in Rich Reviews by Starfish plugin <= 1.9.14 at WordPress allows an attacker to delete reviews. | 5.4 | 0.27% | 2022-08-05 | 2026-06-16 |