CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 10112017114 筆結果
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2022-25610 Unauthenticated Stored Cross-Site Scripting (XSS) in Simple Ajax Chat <= 20220115 allows an attacker to store the malicious code. However, the attack requires specific conditions, making it hard to exploit. 3.4 0.69% 2022-03-25 2026-06-17
CVE-2022-25611 Authenticated Stored Cross-Site Scripting (XSS) in Simple Event Planner plugin <= 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &custom[add_seg][]. 4.1 0.55% 2022-03-25 2026-06-17
CVE-2022-25612 Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in Simple Event Planner WordPress plugin <= 1.5.4 allows user with author or higher user rights inject the malicious code via vulnerable parameters: &custom[event_organiser], &custom[organiser_email], &custom[organiser_contact]. 4.1 0.55% 2022-03-25 2026-06-17
CVE-2022-25613 Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in FV Flowplayer Video Player (WordPress plugin) versions <= 7.5.18.727 via &fv_wp_flowplayer_field_splash parameter. 4.1 0.54% 2022-04-04 2026-06-17
CVE-2022-25614 Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.7 allows an attacker to Sync with Zoom Meetings. 4.3 0.42% 2022-04-11 2026-06-17
CVE-2022-25615 Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion. 4.3 0.42% 2022-04-11 2026-06-17
CVE-2022-25617 Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter. 4.7 0.76% 2022-05-18 2026-06-17
CVE-2022-25618 Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables (WordPress plugin) versions <= 2.1.27 3.4 0.53% 2022-04-04 2026-06-17
CVE-2022-25649 Multiple Improper Access Control vulnerabilities in StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 at WordPress. 5.0 0.69% 2022-08-05 2026-06-17
CVE-2022-25952 Cross-Site Request Forgery (CSRF) vulnerability in Keywordrush Content Egg plugin <= 5.4.0 on WordPress. 4.3 0.28% 2022-11-03 2026-06-17
CVE-2022-26366 Cross-Site Request Forgery (CSRF) in AdRotate Banner Manager Plugin <= 5.9 on WordPress. 5.4 0.26% 2022-11-30 2026-06-17
CVE-2022-26375 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mammothology AB Press Optimizer plugin <= 1.1.1 on WordPress. 4.8 0.40% 2022-10-17 2026-06-17
CVE-2022-27235 Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. 6.3 0.69% 2022-07-22 2026-06-17
CVE-2022-27628 Cross-Site Request Forgery (CSRF) vulnerability in AA-Team WZone – Lite Version plugin 3.1 Lite versions. 4.7 0.23% 2023-02-06 2026-06-17
CVE-2022-27844 Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70 2.7 1.42% 2022-04-11 2026-06-17
CVE-2022-27845 Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) in PlausibleHQ Plausible Analytics (WordPress plugin) <= 1.2.2 4.8 0.81% 2022-04-11 2026-06-17
CVE-2022-27846 Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress allows attackers to create or modify slider. 4.3 0.40% 2022-04-13 2026-06-17
CVE-2022-27847 Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress allows attackers to import templates. 4.3 0.40% 2022-04-13 2026-06-17
CVE-2022-27848 Authenticated (admin+ user) Stored Cross-Site Scripting (XSS) in Modern Events Calendar Lite (WordPress plugin) <= 6.5.1 3.4 0.53% 2022-04-14 2026-06-17
CVE-2022-27849 Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115 5.3 4.62% 2022-04-15 2026-06-17
cvelogic Threat Intelligence