目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21224

access:pre-auth 类型相关 21224 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-37161 HPE Aruba Networking 100 Series Cellular Bridge 安全漏洞 — HPE Aruba Networking 100 Series Cellular Bridge 7.5 High2025-11-18
CVE-2025-46215 Fortinet FortiSandbox 安全漏洞 — FortiSandboxCWE-653 5.0 Medium2025-11-18
CVE-2025-9977 Times Software E-Payroll 安全漏洞 — E-PayrollCWE-89 7.5AIHighAI2025-11-18
CVE-2025-12545 WordPress plugin Pixel Manager for WooCommerce 信息泄露漏洞 — Pixel Manager for WooCommerce – Conversion Tracking, Google Ads, GA4, TikTok, Dynamic RemarketingCWE-200 5.3 Medium2025-11-18
CVE-2025-9312 WSO2多款产品 安全漏洞 — WSO2 API ManagerCWE-306 9.8 Critical2025-11-18
CVE-2025-11427 WordPress plugin WP Migrate Lite – WordPress Migration Made Easy 代码问题漏洞 — WP Migrate Lite – Migration Made EasyCWE-918 5.8 Medium2025-11-18
CVE-2025-41737 METZ CONNECT多款产品 访问控制错误漏洞 — Energy-Controlling EWIO2-MCWE-284 7.5 High2025-11-18
CVE-2025-41734 METZ CONNECT多款产品 安全漏洞 — Energy-Controlling EWIO2-MCWE-98 9.8 Critical2025-11-18
CVE-2025-41733 METZ CONNECT多款产品 安全漏洞 — Energy-Controlling EWIO2-MCWE-305 9.8 Critical2025-11-18
CVE-2025-12391 WordPress plugin Restrictions for BuddyPress 安全漏洞 — Restrictions for BuddyPressCWE-862 5.3 Medium2025-11-18
CVE-2025-12392 WordPress plugin Cryptocurrency Payment Gateway for WooCommerce 安全漏洞 — Cryptocurrency Payment Gateway for WooCommerceCWE-862 5.3 Medium2025-11-18
CVE-2025-12079 WordPress plugin WP Twitter Auto Publish 跨站脚本漏洞 — WP Twitter Auto PublishCWE-79 6.1 Medium2025-11-18
CVE-2025-12955 WordPress plugin Live sales notification for WooCommerce 安全漏洞 — PiWeb Live sales notification for WooCommerceCWE-862 7.5 High2025-11-18
CVE-2025-4212 WordPress plugin Checkout Files Upload for WooCommerce 跨站脚本漏洞 — Checkout Files Upload for WooCommerceCWE-79 7.2 High2025-11-18
CVE-2025-12078 WordPress plugin ArtiBot Free Chat Bot for WebSites 跨站脚本漏洞 — ArtiBot Free Chat Bot for WebSitesCWE-79 6.1 Medium2025-11-18
CVE-2025-12406 WordPress plugin Project Honey Pot Spam Trap 跨站请求伪造漏洞 — Project Honey Pot Spam TrapCWE-352 6.1 Medium2025-11-18
CVE-2025-12173 WordPress plugin WP Admin Microblog 跨站请求伪造漏洞 — WP Admin MicroblogCWE-352 4.3 Medium2025-11-18
CVE-2025-12937 WordPress plugin ACF Flexible Layouts Manager 安全漏洞 — ACF Flexible Layouts ManagerCWE-862 6.5 Medium2025-11-18
CVE-2025-12404 WordPress plugin Like-it 跨站请求伪造漏洞 — Like-itCWE-352 6.1 Medium2025-11-18
CVE-2025-12827 WordPress plugin Top Friends 跨站请求伪造漏洞 — Top FriendsCWE-352 4.3 Medium2025-11-18
CVE-2025-9625 WordPress plugin Coil Web Monetization 跨站请求伪造漏洞 — Coil Web MonetizationCWE-352 4.3 Medium2025-11-18
CVE-2025-12528 WordPress plugin Pie Forms for WP 代码问题漏洞 — Pie Forms — Drag & Drop Form BuilderCWE-434 8.1 High2025-11-18
CVE-2025-12974 WordPress plugin Gravity Forms 代码问题漏洞 — Gravity FormsCWE-434 8.1 High2025-11-18
CVE-2025-63228 DB Electronica Mozart FM Transmitter 安全漏洞 — n/a 9.8AICriticalAI2025-11-18
CVE-2025-63408 iSpy Agent DVR 安全漏洞 — n/a 7.8AIHighAI2025-11-18
CVE-2025-64076 cbor2 安全漏洞 — n/a 7.5 High2025-11-18
CVE-2025-13165 Digiwin EasyFlow GP 安全漏洞 — EasyFlow GPCWE-770 7.5 High2025-11-17
CVE-2025-9501 WordPress plugin W3 Total Cache 安全漏洞 — W3 Total Cache 9.8AICriticalAI2025-11-17
CVE-2025-13284 ThinPLUS 操作系统命令注入漏洞 — ThinPLUSCWE-78 9.8 Critical2025-11-17
CVE-2025-13283 Chunghwa Telecom TenderDocTransfer 跨站请求伪造漏洞 — TenderDocTransferCWE-352 7.1 High2025-11-17

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21224 条 CVE 漏洞。