目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21072

access:pre-auth 类型相关 21072 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-14553 TP-LINK Tapo C210 安全漏洞 — TP-Link Tapo AppCWE-200 7.3AIHighAI2025-12-16
CVE-2025-68155 Vite Plugin React 安全漏洞 — vite-plugin-reactCWE-22 7.5 High2025-12-16
CVE-2023-53896 D-Link DAP-1325 访问控制错误漏洞 — DAP-1325CWE-306 7.5 High2025-12-16
CVE-2025-59935 GLPI 跨站脚本漏洞 — glpiCWE-79 6.5 Medium2025-12-16
CVE-2025-14002 WordPress plugin WPCOM Member 授权问题漏洞 — WPCOM MemberCWE-287 8.1 High2025-12-16
CVE-2025-13231 WordPress plugin Fancy Product Designer 竞争条件问题漏洞 — Fancy Product DesignerCWE-362 6.5 Medium2025-12-16
CVE-2025-11991 WordPress plugin JetFormBuilder 安全漏洞 — JetFormBuilder — Dynamic Blocks Form BuilderCWE-862 5.3 Medium2025-12-16
CVE-2025-13439 WordPress plugin Fancy Product Designer 信息泄露漏洞 — Fancy Product DesignerCWE-200 5.9 Medium2025-12-16
CVE-2025-12809 WordPress plugin Dokan Pro 安全漏洞 — Dokan ProCWE-862 5.3 Medium2025-12-16
CVE-2025-13956 WordPress plugin LearnPress – WordPress LMS Plugin 安全漏洞 — LearnPress – WordPress LMS Plugin for Create and Sell Online CoursesCWE-862 5.3 Medium2025-12-16
CVE-2025-63414 Allsky Camera 安全漏洞 — n/a 9.8AICriticalAI2025-12-16
CVE-2025-14038 EnterpriseDB Hybrid Manager - LTS 安全漏洞 — Hybrid Manager - LTSCWE-862 7.0 High2025-12-15
CVE-2025-34179 NetSupport Manager 安全漏洞 — ManagerCWE-89 9.1AICriticalAI2025-12-15
CVE-2025-13950 WordPress plugin OneSignal – Web Push Notifications 安全漏洞 — OneSignal – Web Push NotificationsCWE-862 5.3 Medium2025-12-15
CVE-2025-14156 WordPress plugin Fox LMS – WordPress LMS Plugin 输入验证错误漏洞 — Fox LMS – WordPress LMS PluginCWE-20 9.8 Critical2025-12-15
CVE-2025-14383 WordPress plugin Booking Calendar SQL注入漏洞 — Booking CalendarCWE-89 7.5 High2025-12-15
CVE-2025-14709 SGWBox N3 安全漏洞 — sgwbox N3CWE-120 9.8 Critical2025-12-15
CVE-2025-11363 WordPress plugin Royal Addons for Elementor 安全漏洞 — Royal Addons for Elementor 7.5AIHighAI2025-12-15
CVE-2025-14712 JHENG GAO Student Learning Assessment and Support System 安全漏洞 — Student Learning Assessment and Support SystemCWE-497 7.5 High2025-12-15
CVE-2025-65742 Newgen OmniDocs 安全漏洞 — n/a 9.8AICriticalAI2025-12-15
CVE-2025-65779 WeKan 安全漏洞 — n/a 8.6AIHighAI2025-12-15
CVE-2025-65835 PhoneGap / Cordova Social Sharing plugin 安全漏洞 — n/a 7.5AIHighAI2025-12-15
CVE-2025-12696 WordPress plugin HelloLeads CRM Form Shortcode 安全漏洞 — HelloLeads CRM Form Shortcode 5.3AIMediumAI2025-12-14
CVE-2025-13126 WordPress plugin wpForo Forum SQL注入漏洞 — wpForo ForumCWE-89 7.5 High2025-12-14
CVE-2025-10289 WordPress plugin Filter & Grids SQL注入漏洞 — YMC FilterCWE-89 5.9 Medium2025-12-13
CVE-2025-9207 WordPress plugin TI WooCommerce Wishlist 输入验证错误漏洞 — TI WooCommerce WishlistCWE-20 5.3 Medium2025-12-13
CVE-2025-10738 WordPress plugin URL Shortener Plugin For WordPress SQL注入漏洞 — URL Shortener Plugin For WordPressCWE-89 9.8 Critical2025-12-13
CVE-2025-12362 WordPress plugin myCred 安全漏洞 — Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCredCWE-862 5.3 Medium2025-12-13
CVE-2025-11693 WordPress plugin Export WP Page to Static HTML & PDF 信息泄露漏洞 — Export WordPress Pages to Static HTML & PDF — Static Site ExportCWE-200 9.8 Critical2025-12-13
CVE-2025-13092 WordPress plugin Devs CRM – Manage tasks, attendance and teams all together 安全漏洞 — Devs CRM – Manage tasks, attendance and teams all togetherCWE-862 5.3 Medium2025-12-13

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21072 条 CVE 漏洞。