CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 14116016864 筆結果
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2022-29441 Cross-Site Request Forgery (CSRF) vulnerability in Private Messages For WordPress plugin <= 2.1.10 at WordPress allows attackers to send messages. 4.3 0.39% 2022-06-15 2026-06-17
CVE-2022-29442 Authenticated (subscriber or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Messages For WordPress <= 2.1.10 at WordPress. 5.4 0.51% 2022-06-15 2026-06-17
CVE-2022-29453 Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update. 5.4 0.41% 2022-06-15 2026-06-17
CVE-2022-29443 Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark's Hotel Booking plugin <= 3.0 at WordPress. 4.1 0.48% 2022-06-15 2026-06-17
CVE-2022-29450 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress. 5.4 0.39% 2022-06-15 2026-06-17
CVE-2021-36891 Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery by Supsystic plugin <= 1.15.5 at WordPress allows changing the plugin settings. 5.4 0.37% 2022-06-15 2026-06-16
CVE-2022-28612 Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb's Custom Popup Builder plugin <= 1.3.1 at WordPress. 5.4 0.45% 2022-06-15 2026-06-17
CVE-2022-29452 Authenticated (editor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Export All URLs plugin <= 4.1 at WordPress. 3.4 0.48% 2022-06-15 2026-06-17
CVE-2022-32280 Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Xakuro's XO Slider plugin <= 3.3.2 at WordPress. 5.4 0.48% 2022-06-15 2026-06-17
CVE-2021-36827 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label". 4.8 0.47% 2022-06-16 2026-06-16
CVE-2021-36849 Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in René Hermenau's Social Media Share Buttons plugin <= 3.8.1 at WordPress. 3.4 0.42% 2022-07-20 2026-06-16
CVE-2022-29454 Cross-Site Request Forgery (CSRF) vulnerability in WordPlus Better Messages plugin <= 1.9.9.148 at WordPress allows attackers to upload files. File attachment to messages must be activated. 3.1 0.25% 2022-07-20 2026-06-17
CVE-2022-29923 Cross-site Scripting (XSS) vulnerability in ThingsForRestaurants Quick Restaurant Reservations (WordPress plugin) allows Reflected XSS.This issue affects Quick Restaurant Reservations (WordPress plugin): from n/a through 1.4.1. 5.9 0.42% 2022-07-20 2026-06-17
CVE-2022-32289 Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.0 at WordPress leading to popup status change. 5.4 0.26% 2022-07-21 2026-06-17
CVE-2022-28666 Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin <= 1.7.7 at WordPress leading to &yikes-the-content-toggle option update. 5.3 1.18% 2022-07-21 2026-06-17
CVE-2022-30337 Cross-Site Request Forgery (CSRF) vulnerability in JoomUnited WP Meta SEO plugin <= 4.4.8 at WordPress allows an attacker to update the social settings. 5.4 0.26% 2022-07-21 2026-06-17
CVE-2022-28700 Authenticated Arbitrary File Creation via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress. 9.1 1.45% 2022-07-21 2026-06-17
CVE-2022-30536 Authenticated Stored Cross-Site Scripting (XSS) vulnerability in Florent Maillefaud's WP Maintenance plugin <= 6.0.7 at WordPress. 3.4 0.59% 2022-07-21 2026-06-17
CVE-2022-31475 Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress. 5.5 0.67% 2022-07-21 2026-06-17
CVE-2022-33198 Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin <= 2.0.2 at WordPress. 9.8 2.65% 2022-07-21 2026-06-17
cvelogic Threat Intelligence