目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21224

access:pre-auth 类型相关 21224 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-12353 WordPress plugin WPFunnels 安全漏洞 — WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click UpsellCWE-639 5.3 Medium2025-11-08
CVE-2025-12064 WordPress plugin WP2Social Auto Publish 跨站脚本漏洞 — WP2Social Auto PublishCWE-79 6.1 Medium2025-11-08
CVE-2025-12177 WordPress plugin Download Manager 安全漏洞 — Download ManagerCWE-321 5.3 Medium2025-11-08
CVE-2025-11452 WordPress plugin Asgaros Forum SQL注入漏洞 — Asgaros ForumCWE-89 7.5 High2025-11-08
CVE-2025-64491 SuiteCRM 跨站脚本漏洞 — SuiteCRMCWE-79 6.1 Medium2025-11-08
CVE-2025-10230 Samba 操作系统命令注入漏洞 CWE-78 10.0 Critical2025-11-07
CVE-2025-34299 Monsta FTP 安全漏洞 — Monsta FTPCWE-434 9.8 -2025-11-07
CVE-2025-12352 WordPress plugin Gravity Forms 代码问题漏洞 — Gravity FormsCWE-434 9.8 Critical2025-11-07
CVE-2025-5483 WordPress plugin LC Wizard 安全漏洞 — Connector Wizard (formerly LC Wizard)CWE-862 8.1 High2025-11-07
CVE-2025-11546 NEC EXPRESSCLUSTER X和NEC EXPRESSCLUSTER X SingleServerSafe 安全漏洞 — CLUSTERPRO X for Linux (EXPRESSCLUSTER X for Linux)CWE-78 6.5 -2025-11-07
CVE-2025-64173 Apollo Router Core 安全漏洞 — routerCWE-288 7.5 High2025-11-06
CVE-2022-50590 SuiteCRM 安全漏洞 — SuiteCRMCWE-843 7.5 -2025-11-06
CVE-2022-50589 SuiteCRM 安全漏洞 — SuiteCRMCWE-89 9.8 -2025-11-06
CVE-2022-50596 D-Link DIR-1260 安全漏洞 — DIR-1260CWE-78 9.8 -2025-11-06
CVE-2025-36054 IBM Business Automation Workflow containers和IBM Business Automation Workflow traditional with Process Federation Server 跨站脚本漏洞 — Business Automation Workflow containersCWE-79 6.1 Medium2025-11-06
CVE-2025-11268 WordPress plugin Strong Testimonials 跨站脚本漏洞 — Strong TestimonialsCWE-79 4.3 Medium2025-11-06
CVE-2025-10259 Mitsubishi Electric MELSEC iQ-F Series CPU 安全漏洞 — MELSEC iQ-F Series FX5U-32MT/ESCWE-1284 5.3 Medium2025-11-06
CVE-2025-12471 WordPress plugin Hubbub Lite 跨站脚本漏洞 — Hubbub Lite – Fast, free social sharing and follow buttonsCWE-79 6.1 Medium2025-11-06
CVE-2025-11271 WordPress plugin Easy Digital Downloads 安全漏洞 — Easy Digital Downloads – eCommerce Payments and Subscriptions made easyCWE-807 5.3 Medium2025-11-06
CVE-2025-10691 WordPress plugin Easy Email Subscription 跨站请求伪造漏洞 — Easy Email SubscriptionCWE-352 4.3 Medium2025-11-06
CVE-2025-63588 CMSimple_XH 安全漏洞 — n/a 6.1 -2025-11-06
CVE-2025-10713 WSO2多款产品 安全漏洞 — WSO2 Enterprise IntegratorCWE-611 6.5 Medium2025-11-05
CVE-2025-20358 Cisco Unified Contact Center Express 访问控制错误漏洞 — Cisco Unified Contact Center ExpressCWE-306 9.4 Critical2025-11-05
CVE-2025-20354 Cisco Unified Contact Center Express 代码问题漏洞 — Cisco Unified Contact Center ExpressCWE-434 9.8 Critical2025-11-05
CVE-2025-20343 Cisco Identity Services Engine 安全漏洞 — Cisco Identity Services Engine SoftwareCWE-697 8.6 High2025-11-05
CVE-2025-12497 WordPress plugin Premium Portfolio Features for Phlox 安全漏洞 — Premium Portfolio Features for Phlox themeCWE-98 8.1 High2025-11-05
CVE-2025-12192 WordPress plugin The Events Calendar 安全漏洞 — The Events CalendarCWE-697 5.3 Medium2025-11-05
CVE-2025-12469 WordPress plugin FunnelKit Automations 安全漏洞 — FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerceCWE-862 4.3 Medium2025-11-05
CVE-2025-12468 WordPress plugin FunnelKit Automations 信息泄露漏洞 — FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerceCWE-200 5.3 Medium2025-11-05
CVE-2025-55108 BMC Control-M/Agent 安全漏洞 — Control-M/AgentCWE-306 10.0 Critical2025-11-05

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21224 条 CVE 漏洞。