目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21224

access:pre-auth 类型相关 21224 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-12813 WordPress plugin Holiday class post calendar 代码注入漏洞 — Holiday class post calendarCWE-94 9.8 Critical2025-11-11
CVE-2025-12021 WordPress plugin WP-OAuth 跨站脚本漏洞 — WP-OAuthCWE-79 6.1 Medium2025-11-11
CVE-2025-12588 WordPress plugin USB Qr Code Scanner For Woocommerce 跨站请求伪造漏洞 — USB Qr Code Scanner For WoocommerceCWE-352 4.3 Medium2025-11-11
CVE-2025-12590 WordPress plugin YSlider 跨站请求伪造漏洞 — YSliderCWE-352 6.1 Medium2025-11-11
CVE-2025-12132 WordPress plugin WP Custom Admin Login Page Logo 跨站请求伪造漏洞 — WP Custom Admin Login Page LogoCWE-352 4.3 Medium2025-11-11
CVE-2025-11997 WordPress plugin Document Pro Elementor 信息泄露漏洞 — Document Pro Elementor – Documentation & Knowledge BaseCWE-200 5.3 Medium2025-11-11
CVE-2025-12589 WordPress plugin WP-Walla 跨站请求伪造漏洞 — WP-WallaCWE-352 6.1 Medium2025-11-11
CVE-2025-11451 WordPress plugin Auto Amazon Links – Amazon Associates Affiliate Plugin 安全漏洞 — Auto Amazon Links – Amazon Associates Affiliate PluginCWE-73 7.5 High2025-11-11
CVE-2025-11886 WordPress plugin CTL Arcade Lite 跨站请求伪造漏洞 — CTL Arcade LiteCWE-352 4.3 Medium2025-11-11
CVE-2025-11996 WordPress plugin Find Unused Images 安全漏洞 — Find Unused ImagesCWE-862 5.3 Medium2025-11-11
CVE-2025-11988 WordPress plugin Crypto 安全漏洞 — Crypto ToolCWE-862 5.3 Medium2025-11-11
CVE-2025-11891 WordPress plugin Shelf Planner 安全漏洞 — Shelf Planner Inventory Management for WooCommerceCWE-538 5.3 Medium2025-11-11
CVE-2025-11894 WordPress plugin Shelf Planner 安全漏洞 — Shelf Planner Inventory Management for WooCommerceCWE-862 5.3 Medium2025-11-11
CVE-2025-42924 SAP S/4HANA 输入验证错误漏洞 — SAP S/4HANA landscape (SAP E-Recruiting BSP)CWE-601 6.1 Medium2025-11-11
CVE-2025-42919 SAP NetWeaver Application Server Java 路径遍历漏洞 — SAP NetWeaver Application Server JavaCWE-22 5.3 Medium2025-11-11
CVE-2025-42893 SAP Business Connector 输入验证错误漏洞 — SAP Business ConnectorCWE-601 6.1 Medium2025-11-11
CVE-2025-42886 SAP Business Connector 跨站脚本漏洞 — SAP Business ConnectorCWE-79 6.1 Medium2025-11-11
CVE-2025-42885 SAP HANA 访问控制错误漏洞 — SAP HANA 2.0 (hdbrss)CWE-306 5.8 Medium2025-11-11
CVE-2025-42884 SAP NetWeaver Enterprise Portal 安全漏洞 — SAP NetWeaver Enterprise PortalCWE-943 6.5 Medium2025-11-11
CVE-2021-4462 Employee Records System 安全漏洞 — Employee Records SystemCWE-434 9.8 -2025-11-10
CVE-2018-25124 Rainbowfish RainbowFish PacsOne Server 安全漏洞 — PacsOne ServerCWE-22 7.5 -2025-11-10
CVE-2025-64513 milvus 授权问题漏洞 — milvusCWE-287 9.8 -2025-11-10
CVE-2025-43723 Dell PowerScale OneFS 加密问题漏洞 — PowerScale OneFSCWE-327 5.9 Medium2025-11-10
CVE-2025-41731 Jumo variTRON300 安全特征问题漏洞 — variTRON300CWE-338 7.4 High2025-11-10
CVE-2025-12868 CyberTutor New Site Server 安全漏洞 — New Site ServerCWE-603 9.8 Critical2025-11-10
CVE-2025-12866 Hundred Plus EIP Plus 授权问题漏洞 — EIP PlusCWE-640 9.8 Critical2025-11-10
CVE-2025-12098 WordPress plugin Academy LMS – WordPress LMS Plugin for Complete eLearning Solution 信息泄露漏洞 — Academy LMS ProCWE-200 5.3 Medium2025-11-08
CVE-2025-12193 WordPress plugin Mang Board 跨站脚本漏洞 — Mang Board WPCWE-79 6.1 Medium2025-11-08
CVE-2025-7663 WordPress plugin Ovatheme Events Manager 安全漏洞 — Ovatheme Events ManagerCWE-862 6.5 Medium2025-11-08
CVE-2025-12042 WordPress plugin Course Booking System 安全漏洞 — Course Booking SystemCWE-862 5.3 Medium2025-11-08

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21224 条 CVE 漏洞。