目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21031

access:pre-auth 类型相关 21031 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-14131 WordPress plugin WP Widget Changer 跨站脚本漏洞 — WP Widget ChangerCWE-79 6.1 Medium2026-01-07
CVE-2025-14130 WordPress plugin Post Like Dislike 跨站脚本漏洞 — Post Like DislikeCWE-79 6.1 Medium2026-01-07
CVE-2025-14352 WordPress plugin Awesome Hotel Booking 安全漏洞 — Awesome Hotel BookingCWE-863 5.3 Medium2026-01-07
CVE-2025-14118 WordPress plugin Starred Review 跨站脚本漏洞 — Starred ReviewCWE-79 6.1 Medium2026-01-07
CVE-2025-14127 WordPress plugin Testimonial Master 跨站脚本漏洞 — Testimonial MasterCWE-79 6.1 Medium2026-01-07
CVE-2025-14128 WordPress plugin Stumble! for WordPress 跨站脚本漏洞 — Stumble! for WordPressCWE-79 6.1 Medium2026-01-07
CVE-2025-13694 WordPress plugin AA Block Country 安全漏洞 — AA Block countryCWE-348 5.3 Medium2026-01-07
CVE-2025-13521 WordPress plugin WP Status Notifier 跨站请求伪造漏洞 — WP Status NotifierCWE-352 4.3 Medium2026-01-07
CVE-2025-15018 WordPress plugin Optional Email 安全漏洞 — Optional EmailCWE-639 9.8 Critical2026-01-07
CVE-2025-13493 WordPress plugin Latest Registered Users 安全漏洞 — Latest Registered UsersCWE-862 7.5 High2026-01-07
CVE-2025-13520 WordPress plugin MTCaptcha 跨站请求伪造漏洞 — MTCaptcha WordPress PluginCWE-352 4.3 Medium2026-01-07
CVE-2025-13527 WordPress plugin xShare 跨站请求伪造漏洞 — xShareCWE-352 4.3 Medium2026-01-07
CVE-2025-13529 WordPress plugin Unify 安全漏洞 — UnifyCWE-862 5.3 Medium2026-01-07
CVE-2025-12540 WordPress plugin ShareThis Dashboard for Google Analytics 信息泄露漏洞 — ShareThis Dashboard for Google AnalyticsCWE-200 4.7 Medium2026-01-07
CVE-2025-14999 WordPress plugin Latest Tabs 跨站请求伪造漏洞 — Latest TabsCWE-352 4.3 Medium2026-01-07
CVE-2025-13519 WordPress plugin SVG Map Plugin 跨站请求伪造漏洞 — SVG Map by SmjrifleCWE-352 6.1 Medium2026-01-07
CVE-2025-11877 WordPress plugin User Activity Log 安全漏洞 — User Activity LogCWE-862 7.5 High2026-01-07
CVE-2025-13369 WordPress plugin Premmerce WooCommerce Customers Manager 跨站脚本漏洞 — Premmerce WooCommerce Customers ManagerCWE-79 6.1 Medium2026-01-07
CVE-2025-31963 HCL BigFix IVR 安全漏洞 — BigFix IVRCWE-306 2.9 Low2026-01-07
CVE-2025-14842 WordPress plugin Drag and Drop Multiple File Upload – Contact Form 7 代码问题漏洞 — Drag and Drop Multiple File Upload for Contact Form 7CWE-434 6.1 Medium2026-01-07
CVE-2025-13371 WordPress plugin MoneySpace 信息泄露漏洞 — Money SpaceCWE-200 8.6 High2026-01-07
CVE-2026-0656 WordPress plugin iPaymu Payment Gateway for WooCommerce 安全漏洞 — iPaymu Payment Gateway for WooCommerceCWE-862 8.2 High2026-01-07
CVE-2025-14845 WordPress plugin NS IE Compatibility Fixer 跨站请求伪造漏洞 — NS Ie Compatibility FixerCWE-352 4.3 Medium2026-01-07
CVE-2025-13657 WordPress plugin HelpDesk contact form 跨站请求伪造漏洞 — HelpDesk Contact FormCWE-352 4.3 Medium2026-01-07
CVE-2025-14875 WordPress plugin HBLPAY Payment Gateway for WooCommerce 跨站脚本漏洞 — HBLPAY Payment Gateway for WooCommerceCWE-79 6.1 Medium2026-01-07
CVE-2025-14901 WordPress plugin Bit Form – Contact Form Plugin 安全漏洞 — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builderCWE-862 6.5 Medium2026-01-07
CVE-2025-14904 WordPress plugin Newsletter Email Subscribe 跨站请求伪造漏洞 — Newsletter Email SubscribeCWE-352 4.3 Medium2026-01-07
CVE-2025-14835 WordPress plugin WP Photo Album Plus 安全漏洞 — WP Photo Album PlusCWE-80 7.1 High2026-01-07
CVE-2025-15474 AuntyFey Smart Combination Lock 安全漏洞 — AuntyFey Smart Combination LockCWE-770 6.5 -2026-01-07
CVE-2025-14468 WordPress plugin AMP for WP – Accelerated Mobile Pages 跨站请求伪造漏洞 — AMP for WP – Accelerated Mobile PagesCWE-352 4.3 Medium2026-01-07

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21031 条 CVE 漏洞。