目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21018

access:pre-auth 类型相关 21018 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2026-23944 arcane 访问控制错误漏洞 — arcaneCWE-306 8.6AIHighAI2026-01-19
CVE-2026-23849 FileBrowser 安全漏洞 — filebrowserCWE-208 5.3 Medium2026-01-19
CVE-2026-23848 MyTube 安全漏洞 — MyTubeCWE-807 6.5 Medium2026-01-19
CVE-2026-23837 MyTube 安全漏洞 — MyTubeCWE-863 9.8 Critical2026-01-19
CVE-2026-23838 Tandoor Recipes 安全漏洞 — nixpkgsCWE-538 7.5AIHighAI2026-01-19
CVE-2026-23833 ESPHome 输入验证错误漏洞 — esphomeCWE-190 8.6AIHighAI2026-01-19
CVE-2026-23646 OpenProject 安全漏洞 — openprojectCWE-488 6.5 Medium2026-01-19
CVE-2026-22850 WordPress plugin Koko Analytics SQL注入漏洞 — koko-analyticsCWE-89 8.4 High2026-01-19
CVE-2025-11043 B&R Automation Studio 信任管理问题漏洞 — B&R Automation StudioCWE-295 7.4 High2026-01-19
CVE-2026-1119 itsourcecode Society Management System SQL注入漏洞 — Society Management SystemCWE-89 7.3 High2026-01-18
CVE-2025-14078 WordPress plugin PAYGENT for WooCommerce 安全漏洞 — PAYGENT for WooCommerceCWE-862 5.3 Medium2026-01-17
CVE-2025-10484 WordPress plugin Registration & Login with Mobile Phone Number for WooCommerce 安全漏洞 — Registration & Login with Mobile Phone Number for WooCommerceCWE-288 9.8 Critical2026-01-17
CVE-2025-12129 WordPress plugin CubeWP – All-in-One Dynamic Content Framework 信息泄露漏洞 — CubeWP FrameworkCWE-200 5.3 Medium2026-01-17
CVE-2026-0808 WordPress plugin Spin Wheel 安全漏洞 — Spin Wheel – Interactive spinning wheel that offers couponsCWE-602 5.3 Medium2026-01-17
CVE-2025-12825 WordPress plugin User Registration Using Contact Form 安全漏洞 — User Registration Using Contact Form 7CWE-862 5.3 Medium2026-01-17
CVE-2025-14029 WordPress plugin Community Events 安全漏洞 — Community EventsCWE-862 5.3 Medium2026-01-17
CVE-2025-14463 WordPress plugin Payment Button for PayPal 安全漏洞 — Payment Button for PayPalCWE-862 5.3 Medium2026-01-17
CVE-2025-12002 WordPress plugin Feeds for YouTube Pro 路径遍历漏洞 — YouTube Feed ProCWE-22 5.9 Medium2026-01-17
CVE-2025-12718 WordPress plugin Quick Contact Form 输入验证错误漏洞 — Quick Contact FormCWE-20 5.8 Medium2026-01-17
CVE-2025-15403 WordPress plugin RegistrationMagic 安全漏洞 — RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User LoginCWE-269 9.8 Critical2026-01-17
CVE-2025-14075 WordPress plugin WP Hotel Booking 信息泄露漏洞 — WP Hotel BookingCWE-200 5.3 Medium2026-01-17
CVE-2019-25297 WordPress plugin Poll, Survey & Quiz Maker Plugin by Opinion Stage 安全漏洞 — Poll, Survey & Quiz Maker Plugin by Opinion StageCWE-79 6.1 -2026-01-16
CVE-2012-10064 WordPress plugin Omni Secure Files 安全漏洞 — Omni Secure FilesCWE-434 9.8 -2026-01-16
CVE-2026-23722 WeGIA 跨站脚本漏洞 — WeGIACWE-79 9.1 Critical2026-01-16
CVE-2025-14844 WordPress plugin Membership Plugin – Restrict Content 安全漏洞 — Membership Plugin – Restrict ContentCWE-639 8.2 High2026-01-16
CVE-2025-14757 WordPress plugin Cost Calculator Builder 安全漏洞 — Cost Calculator BuilderCWE-862 5.3 Medium2026-01-16
CVE-2026-1004 WordPress plugin Essential Addons for Elementor 安全漏洞 — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-862 5.3 Medium2026-01-16
CVE-2025-14375 WordPress plugin RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging 跨站脚本漏洞 — RSS Aggregator – RSS Import, News Feeds, Feed to Post, and AutobloggingCWE-79 6.1 Medium2026-01-16
CVE-2025-14853 WordPress plugin LEAV Last Email Address Validator 跨站请求伪造漏洞 — LEAV Last Email Address ValidatorCWE-352 4.3 Medium2026-01-16
CVE-2026-0939 WordPress plugin Rede Itaú for WooCommerce 数据伪造问题漏洞 — Rede Itaú for WooCommerce — Payment PIX, Credit Card and DebitCWE-345 5.3 Medium2026-01-16

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21018 条 CVE 漏洞。