目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21201

access:pre-auth 类型相关 21201 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-12746 WordPress plugin Tainacan 跨站脚本漏洞 — TainacanCWE-79 6.1 Medium2025-11-21
CVE-2025-11368 WordPress plugin LearnPress 信息泄露漏洞 — LearnPress – WordPress LMS Plugin for Create and Sell Online CoursesCWE-200 5.3 Medium2025-11-21
CVE-2025-36153 IBM Concert 跨站脚本漏洞 — ConcertCWE-79 6.1 Medium2025-11-20
CVE-2025-62674 iCam365 P201和iCam365 QC021 访问控制错误漏洞 — P201CWE-306 6.8 Medium2025-11-20
CVE-2025-64770 iCam365 P201和iCam365 QC021 访问控制错误漏洞 — P201CWE-306 6.8 Medium2025-11-20
CVE-2025-34320 BASIS BBj 安全漏洞 — BASIS BBjCWE-22 9.1 -2025-11-20
CVE-2025-40601 SonicWALL SonicOS SSLVPN 安全漏洞 — SonicOSCWE-121 7.5 -2025-11-20
CVE-2025-11676 TP-Link TL-WR940N V6 安全漏洞 — TL-WR940N V6CWE-20 6.5 -2025-11-20
CVE-2025-12778 WordPress plugin Ultimate Member Widgets for Elementor 安全漏洞 — Ultimate Member Widgets for Elementor – WordPress User DirectoryCWE-862 5.3 Medium2025-11-20
CVE-2025-63807 Blogile 安全漏洞 — n/a 9.8 -2025-11-20
CVE-2025-13422 Sports Club Management System in php SQL注入漏洞 — Sports Club Management SystemCWE-89 7.3 High2025-11-19
CVE-2025-13315 Lynx Twonky Server 安全漏洞 — Twonky ServerCWE-420 9.1AICriticalAI2025-11-19
CVE-2025-34329 AudioCodes Fax Server 安全漏洞 — AudioCodes Fax/IVR ApplianceCWE-434 9.8AICriticalAI2025-11-19
CVE-2025-34331 AudioCodes Fax Server 安全漏洞 — AudioCodes Fax/IVR ApplianceCWE-306 7.5AIHighAI2025-11-19
CVE-2025-34328 AudioCodes Fax Server 安全漏洞 — AudioCodes Fax/IVR ApplianceCWE-434 9.8AICriticalAI2025-11-19
CVE-2025-34330 AudioCodes Fax Server 安全漏洞 — AudioCodes Fax/IVR ApplianceCWE-434 9.8AICriticalAI2025-11-19
CVE-2025-34336 egovframe-common-components 安全漏洞 — eGovFramework/egovframe-common-componentsCWE-434 9.1AICriticalAI2025-11-19
CVE-2025-34337 egovframe-common-components 安全漏洞 — eGovFramework/egovframe-common-componentsCWE-345 9.1AICriticalAI2025-11-19
CVE-2025-13206 WordPress plugin GiveWP – Donation Plugin and Fundraising Platform 跨站脚本漏洞 — GiveWP – Donation Plugin and Fundraising PlatformCWE-79 7.2 High2025-11-19
CVE-2025-12484 WordPress plugin Giveaways and Contests by RafflePress 跨站脚本漏洞 — Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social FollowersCWE-79 7.2 High2025-11-19
CVE-2025-12535 WordPress plugin SureForms 跨站请求伪造漏洞 — SureForms – Contact Form, Payment Form & Other Custom Form BuilderCWE-352 5.3 Medium2025-11-19
CVE-2025-12057 WordPress plugin WavePlayer 安全漏洞 — WavePlayer 9.8AICriticalAI2025-11-19
CVE-2025-12646 WordPress plugin Community Events SQL注入漏洞 — Community EventsCWE-89 7.5 High2025-11-19
CVE-2025-12842 WordPress plugin Booking Plugin for WordPress Appointments 输入验证错误漏洞 — Time Slot – Booking and Appointment SystemCWE-20 5.3 Medium2025-11-19
CVE-2025-12349 WordPress plugin Email Subscribers & Newsletters 访问控制错误漏洞 — Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPressCWE-306 5.3 Medium2025-11-19
CVE-2025-12426 WordPress plugin Quiz Maker 信息泄露漏洞 — Quiz MakerCWE-200 5.3 Medium2025-11-19
CVE-2025-12427 WordPress plugin YITH WooCommerce Wishlist 安全漏洞 — YITH WooCommerce WishlistCWE-639 5.3 Medium2025-11-19
CVE-2025-12770 WordPress plugin New User Approve 信息泄露漏洞 — New User ApproveCWE-200 5.3 Medium2025-11-19
CVE-2025-12777 WordPress plugin YITH WooCommerce Wishlist 授权问题漏洞 — YITH WooCommerce WishlistCWE-285 5.3 Medium2025-11-19
CVE-2025-63207 R.V.R Elettronica TEX 安全漏洞 — n/a 9.8AICriticalAI2025-11-19

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21201 条 CVE 漏洞。