CVE 列表 – 发现高风险与在野利用漏洞

聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。

分配机构(CNA / 来源):[email protected] 移除此筛选

显示 16118016964 条结果
CVE 描述 最高 CVSS EPSS % 公开时间 更新时间
CVE-2022-34487 Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin <= 3.0.2 at WordPress. 9.8 2.65% 2022-07-21 2026-06-17
CVE-2022-27235 Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. 6.3 0.69% 2022-07-22 2026-06-17
CVE-2022-29495 Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.11 at WordPress allows an attacker to update plugin settings. 5.4 0.41% 2022-07-22 2026-06-17
CVE-2022-30998 Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. 9.1 0.70% 2022-07-22 2026-06-17
CVE-2022-33191 Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul's Testimonials plugin <= 3.0.1 at WordPress. 4.1 0.46% 2022-07-22 2026-06-17
CVE-2022-33901 Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <= 4.13.1 at WordPress. 5.3 2.19% 2022-07-22 2026-06-17
CVE-2022-33960 Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. 8.5 0.77% 2022-07-22 2026-06-17
CVE-2022-34650 Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. 4.1 0.46% 2022-07-22 2026-06-17
CVE-2022-34839 Authentication Bypass vulnerability in CodexShaper's WP OAuth2 Server plugin <= 1.0.1 at WordPress. 5.9 0.86% 2022-07-22 2026-06-17
CVE-2022-34853 Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. 4.1 0.46% 2022-07-22 2026-06-17
CVE-2022-33965 Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plugin <= 5.7 at WordPress. 9.3 3.41% 2022-07-25 2026-06-17
CVE-2022-33969 Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin <= 2.6.0 at WordPress. 7.2 0.96% 2022-07-25 2026-06-17
CVE-2022-36375 Authenticated (high role user) WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin <= 3.6.0 at WordPress. 7.2 0.96% 2022-07-25 2026-06-17
CVE-2022-33970 Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress. 7.2 0.90% 2022-07-27 2026-06-17
CVE-2022-33943 Authenticated (contributor or higher user role) Cross-Site Scripting (XSS) vulnerability in Nico Amarilla's BxSlider WP plugin <= 2.0.0 at WordPress. 5.4 0.46% 2022-07-27 2026-06-17
CVE-2022-35882 Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in GS Plugins GS Testimonial Slider plugin <= 1.9.5 at WordPress. 4.8 0.46% 2022-07-28 2026-06-17
CVE-2022-36378 Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Floating Div plugin <= 3.0 at WordPress. 4.8 0.46% 2022-07-29 2026-06-17
CVE-2022-34154 Authenticated (author or higher user role) Arbitrary File Upload vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress. 7.2 0.98% 2022-08-01 2026-06-17
CVE-2022-36343 Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress. 3.4 0.45% 2022-08-01 2026-06-17
CVE-2021-36861 Cross-Site Request Forgery (CSRF) vulnerability in Rich Reviews by Starfish plugin <= 1.9.14 at WordPress allows an attacker to delete reviews. 5.4 0.27% 2022-08-05 2026-06-16
cvelogic Threat Intelligence