目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21158

access:pre-auth 类型相关 21158 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-11727 WordPress plugin Omnichannel for WooCommerce: Google, Amazon, eBay & Walmart Integration – Powered by Codisto 跨站脚本漏洞 — Omnichannel for WooCommerce: Google, Amazon, eBay & Walmart Integration – Powered by CodistoCWE-79 7.2 High2025-12-04
CVE-2025-11379 WordPress plugin WebP Express 信息泄露漏洞 — WebP ExpressCWE-200 5.3 Medium2025-12-04
CVE-2025-63363 Waveshare RS232/485 TO WIFI ETH (B) 安全漏洞 — n/a 5.3AIMediumAI2025-12-04
CVE-2025-65899 Kalmia 安全漏洞 — n/a 5.3AIMediumAI2025-12-04
CVE-2025-12819 PgBouncer 安全漏洞 — PgBouncerCWE-426 7.5 High2025-12-03
CVE-2025-20384 Splunk Cloud Platform和Splunk Enterprise 安全漏洞 — Splunk EnterpriseCWE-117 5.3 Medium2025-12-03
CVE-2025-34319 TOTOLINK N300RT 操作系统命令注入漏洞 — N300RTCWE-78 9.8AICriticalAI2025-12-03
CVE-2024-32641 Masa CMS 代码注入漏洞 — MasaCMSCWE-94 9.8 Critical2025-12-03
CVE-2025-13390 WordPress plugin WP Directory Kit 安全漏洞 — WP Directory KitCWE-303 10.0 Critical2025-12-03
CVE-2025-12358 WordPress plugin ShopEngine Elementor WooCommerce Builder Addon 跨站请求伪造漏洞 — ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce SolutionCWE-352 4.3 Medium2025-12-03
CVE-2025-13342 WordPress plugin Frontend Admin by DynamiApps 安全漏洞 — Frontend Admin by DynamiAppsCWE-862 9.8 Critical2025-12-03
CVE-2025-39665 NagVis 安全漏洞 — NagvisCWE-203 5.3AIMediumAI2025-12-03
CVE-2025-13486 WordPress plugin Advanced Custom Fields Extended 代码注入漏洞 — Advanced Custom Fields: ExtendedCWE-94 9.8 Critical2025-12-03
CVE-2025-10304 WordPress plugin Everest Backup 安全漏洞 — Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning PluginCWE-862 5.3 Medium2025-12-03
CVE-2025-12585 WordPress plugin MxChat 信息泄露漏洞 — MxChat – AI Chatbot & Content Generation for WordPressCWE-200 5.3 Medium2025-12-03
CVE-2025-55076 Plugin Alliance Installation Manager 安全漏洞 — n/a 7.8AIHighAI2025-12-03
CVE-2025-64055 Fanvil x210 安全漏洞 — n/a 7.8AIHighAI2025-12-03
CVE-2025-13658 Industrial Video & Control Longwatch 代码注入漏洞 — LongwatchCWE-94 9.8AICriticalAI2025-12-02
CVE-2025-13510 Iskra iHUB和Iskra iHUB Lite 访问控制错误漏洞 — iHUB and iHUB LiteCWE-306 9.1AICriticalAI2025-12-02
CVE-2025-13542 WordPress plugin DesignThemes LMS 安全漏洞 — DesignThemes LMSCWE-269 9.8 Critical2025-12-02
CVE-2025-66454 Arcade MCP Server Framework 信任管理问题漏洞 — arcade-mcpCWE-321 6.5 Medium2025-12-02
CVE-2025-66416 Model Context Protocol Python SDK 安全漏洞 — python-sdkCWE-1188 7.1 -2025-12-02
CVE-2025-66414 MCP TypeScript SDK 安全漏洞 — typescript-sdkCWE-1188 7.5AIHighAI2025-12-02
CVE-2025-41066 Horde Groupware 信息泄露漏洞 — GroupwareCWE-200 5.3AIMediumAI2025-12-02
CVE-2025-41015 TCMAN GIM 信息泄露漏洞 — GIMCWE-200 5.3AIMediumAI2025-12-02
CVE-2025-41014 TCMAN GIM 信息泄露漏洞 — GIMCWE-200 5.3AIMediumAI2025-12-02
CVE-2025-41012 TCMAN GIM 安全漏洞 — GIMCWE-862 7.5AIHighAI2025-12-02
CVE-2025-13871 ObjectPlanet Opinio 安全漏洞 — OpinioCWE-352 8.8AIHighAI2025-12-02
CVE-2025-13516 WordPress plugin SureMail 代码问题漏洞 — SureMail – SMTP and Email Logs Plugin with Amazon SES, Postmark, and Other ProvidersCWE-434 8.1 High2025-12-02
CVE-2025-13696 WordPress plugin Zigaform 信息泄露漏洞 — Zigaform – Price Calculator & Cost Estimation Form Builder LiteCWE-200 5.3 Medium2025-12-02

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21158 条 CVE 漏洞。