目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21018

access:pre-auth 类型相关 21018 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2021-47900 Gila CMS 安全漏洞 — Gila CMSCWE-98 9.8 Critical2026-01-27
CVE-2020-36939 Cassandra Web 路径遍历漏洞 — Cassandra WebCWE-22 7.5 High2026-01-27
CVE-2025-12386 Pix-Link LV-WR21Q 访问控制错误漏洞 — LV-WR21QCWE-306 7.5AIHighAI2026-01-27
CVE-2025-14971 WordPress plugin Link Invoice Payment for WooCommerce 安全漏洞 — Link Invoice Payment for WooCommerceCWE-862 5.3 Medium2026-01-27
CVE-2026-24477 AnythingLLM 安全漏洞 — anything-llmCWE-201 9.1AICriticalAI2026-01-26
CVE-2025-59472 Next.js 安全漏洞 — next 5.9 Medium2026-01-26
CVE-2025-57785 Hiawatha 安全漏洞 — Hiawatha Web server 9.8AICriticalAI2026-01-26
CVE-2025-57783 Hiawatha 安全漏洞 — Hiawatha Web server 8.2AIHighAI2026-01-26
CVE-2026-24656 Apache Karaf Decanter 安全漏洞 — Apache KarafCWE-502 9.1AICriticalAI2026-01-26
CVE-2025-6461 WordPress plugin CubeWP – All-in-One Dynamic Content Framework 信息泄露漏洞 — CubeWP FrameworkCWE-200 4.3 Medium2026-01-25
CVE-2026-0862 WordPress plugin Save as PDF Plugin by PDFCrowd 跨站脚本漏洞 — Save as PDF Plugin by PDFCrowdCWE-79 6.1 Medium2026-01-24
CVE-2025-13920 WordPress plugin WP Directory Kit 信息泄露漏洞 — WP Directory KitCWE-200 5.3 Medium2026-01-24
CVE-2025-13205 WordPress plugin SurveyJS: Drag & Drop WordPress Form Builder 跨站请求伪造漏洞 — SurveyJS: Drag & Drop Form BuilderCWE-352 4.3 Medium2026-01-24
CVE-2026-1127 WordPress plugin Timeline Event History 跨站脚本漏洞 — Timeline Event HistoryCWE-79 6.1 Medium2026-01-24
CVE-2025-13194 WordPress plugin SurveyJS: Drag & Drop WordPress Form Builder 跨站请求伪造漏洞 — SurveyJS: Drag & Drop Form BuilderCWE-352 4.3 Medium2026-01-24
CVE-2026-1208 WordPress plugin Friendly Functions for Welcart 跨站请求伪造漏洞 — Friendly Functions for WelcartCWE-352 4.3 Medium2026-01-24
CVE-2025-13139 WordPress plugin SurveyJS: Drag & Drop WordPress Form Builder 跨站请求伪造漏洞 — SurveyJS: Drag & Drop Form BuilderCWE-352 4.3 Medium2026-01-24
CVE-2026-0633 WordPress plugin MetForm 授权问题漏洞 — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-287 3.7 Low2026-01-24
CVE-2025-14630 WordPress plugin AdminQuickbar 跨站请求伪造漏洞 — AdminQuickbarCWE-352 4.3 Medium2026-01-24
CVE-2025-14907 WordPress plugin Moderate Selected Posts 跨站请求伪造漏洞 — Moderate Selected PostsCWE-352 4.3 Medium2026-01-24
CVE-2026-0800 WordPress plugin User Submitted Posts 跨站脚本漏洞 — User Submitted Posts – Enable Users to Submit Posts from the Front EndCWE-79 7.2 High2026-01-24
CVE-2026-1088 WordPress plugin Login Page Editor 跨站请求伪造漏洞 — Login Page EditorCWE-352 4.3 Medium2026-01-24
CVE-2025-13676 WordPress plugin JustClick registration 跨站脚本漏洞 — JustClick registration pluginCWE-79 6.1 Medium2026-01-24
CVE-2025-14609 WordPress plugin Wise Analytics 安全漏洞 — Wise AnalyticsCWE-862 5.3 Medium2026-01-24
CVE-2025-14843 WordPress plugin Wizit Gateway for WooCommerce 安全漏洞 — Wizit Gateway for WooCommerceCWE-862 5.3 Medium2026-01-24
CVE-2026-1075 WordPress plugin ZT Captcha 跨站请求伪造漏洞 — ZT CaptchaCWE-352 4.3 Medium2026-01-24
CVE-2026-1081 WordPress plugin Set Bulk Post Categories 跨站请求伪造漏洞 — Set Bulk Post CategoriesCWE-352 4.3 Medium2026-01-24
CVE-2025-14629 WordPress plugin Alchemist Ajax Upload 安全漏洞 — Alchemist Ajax UploadCWE-862 5.3 Medium2026-01-24
CVE-2025-13374 WordPress plugin Kalrav AI Agent 代码问题漏洞 — Kalrav AI AgentCWE-434 9.8 Critical2026-01-24
CVE-2025-14906 WordPress plugin WP Youtube Video Gallery 跨站请求伪造漏洞 — WP Youtube Video GalleryCWE-352 4.3 Medium2026-01-24

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21018 条 CVE 漏洞。