目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21072

access:pre-auth 类型相关 21072 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-14068 WordPress plugin WPNakama SQL注入漏洞 — WPNakama – Team and multi-Client Collaboration, Editorial and Project ManagementCWE-89 7.5 High2025-12-12
CVE-2025-12570 WordPress plugin Fancy Product Designer 跨站脚本漏洞 — Fancy Product DesignerCWE-79 7.2 High2025-12-12
CVE-2025-13660 WordPress plugin Guest Support 信息泄露漏洞 — Guest SupportCWE-200 5.3 Medium2025-12-12
CVE-2025-14138 WordPress plugin WPLG Default Mail From 跨站脚本漏洞 — WPLG Default Mail FromCWE-79 6.1 Medium2025-12-12
CVE-2025-13366 WordPress plugin Rabbit Hole 跨站请求伪造漏洞 — Rabbit HoleCWE-352 4.3 Medium2025-12-12
CVE-2025-14391 WordPress plugin Simple Theme Changer 跨站请求伪造漏洞 — Simple Theme ChangerCWE-352 4.3 Medium2025-12-12
CVE-2025-14137 WordPress plugin Simple AL Slider 跨站脚本漏洞 — Simple AL SliderCWE-79 6.1 Medium2025-12-12
CVE-2025-12834 WordPress plugin Accept Stripe Payments Using Contact Form 7 跨站脚本漏洞 — Accept Stripe Payments Using Contact Form 7CWE-79 6.1 Medium2025-12-12
CVE-2025-14160 WordPress plugin Upcoming for Calendly 跨站请求伪造漏洞 — Upcoming for CalendlyCWE-352 4.3 Medium2025-12-12
CVE-2025-13314 WordPress plugin Product Filtering by Categories, Tags, Price Range for WooCommerce – Filter Plus 安全漏洞 — Filter Plus – Product Filter & WordPress FilterCWE-862 5.3 Medium2025-12-12
CVE-2025-13987 WordPress plugin Purchase and Expense Manager 跨站请求伪造漏洞 — Purchase and Expense ManagerCWE-352 4.3 Medium2025-12-12
CVE-2025-14062 WordPress plugin Animated Pixel Marquee Creator 跨站请求伪造漏洞 — Animated Pixel Marquee CreatorCWE-352 4.3 Medium2025-12-12
CVE-2025-12963 WordPress plugin LazyTasks 安全漏洞 — LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt ChartCWE-862 9.8 Critical2025-12-12
CVE-2025-14132 WordPress plugin Category Dropdown List 跨站脚本漏洞 — Category Dropdown ListCWE-79 6.1 Medium2025-12-12
CVE-2025-13988 WordPress plugin comments-secretary 跨站脚本漏洞 — 评论小秘书CWE-79 6.1 Medium2025-12-12
CVE-2025-14161 WordPress plugin Truefy Embed 跨站请求伪造漏洞 — Truefy EmbedCWE-352 4.3 Medium2025-12-12
CVE-2025-14354 WordPress plugin Resource Library for Logged In Users 跨站请求伪造漏洞 — Resource Library for Logged In UsersCWE-352 4.3 Medium2025-12-12
CVE-2025-13363 WordPress plugin IMAQ Core 跨站请求伪造漏洞 — IMAQ CORECWE-352 4.3 Medium2025-12-12
CVE-2025-14165 WordPress plugin Kirim.Email WooCommerce Integration 跨站请求伪造漏洞 — Kirim.Email WooCommerce IntegrationCWE-352 4.3 Medium2025-12-12
CVE-2025-14044 WordPress plugin Visitor Logic Lite 代码问题漏洞 — Visitor Logic LiteCWE-502 8.1 High2025-12-12
CVE-2025-14158 WordPress plugin Coding Blocks 跨站请求伪造漏洞 — Coding BlocksCWE-352 4.3 Medium2025-12-12
CVE-2025-13408 WordPress plugin Foxtool All-in-One: Contact chat button, Custom login, Media optimize images 跨站请求伪造漏洞 — Foxtool All-in-One: Contact chat button, Custom login, Media optimize imagesCWE-352 4.3 Medium2025-12-12
CVE-2025-12883 WordPress plugin Campay Woocommerce Payment Gateway 安全漏洞 — Campay Woocommerce Payment GatewayCWE-639 5.3 Medium2025-12-12
CVE-2025-14344 WordPress plugin Multi Uploader for Gravity Forms 路径遍历漏洞 — Multi Uploader for Gravity FormsCWE-22 9.8 Critical2025-12-12
CVE-2025-14129 WordPress plugin Like DisLike Voting 跨站脚本漏洞 — Like DisLike VotingCWE-79 6.1 Medium2025-12-12
CVE-2025-14125 WordPress plugin Complag 跨站脚本漏洞 — ComplagCWE-79 6.1 Medium2025-12-12
CVE-2025-14162 WordPress plugin BMLT WordPress Plugin 跨站请求伪造漏洞 — BMLT WordPress SatelliteCWE-352 4.3 Medium2025-12-12
CVE-2025-67780 SpaceX Starlink Dish 安全漏洞 — Starlink DishCWE-306 4.2 Medium2025-12-11
CVE-2024-58312 xbtitFM 路径遍历漏洞 — xbtitFMCWE-22 7.5AIHighAI2025-12-11
CVE-2024-58310 APC Network Management Card 路径遍历漏洞 — Network Management Card 4CWE-22 7.5AIHighAI2025-12-11

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21072 条 CVE 漏洞。