目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21224

access:pre-auth 类型相关 21224 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-12674 WordPress plugin KiotViet Sync 代码问题漏洞 — KiotViet SyncCWE-434 9.8 Critical2025-11-05
CVE-2025-12676 WordPress plugin KiotViet Sync 安全漏洞 — KiotViet SyncCWE-259 5.3 Medium2025-11-05
CVE-2025-12677 WordPress plugin KiotViet Sync 信息泄露漏洞 — KiotViet SyncCWE-200 5.3 Medium2025-11-05
CVE-2025-12384 WordPress plugin Document Embedder – Embed PDFs Word Excel and Other Files 安全漏洞 — Document Embedder – Embed PDFs, Word, Excel, and Other FilesCWE-862 8.6 High2025-11-05
CVE-2025-12139 WordPress plugin integrate-google-drive 信息泄露漏洞 — File Manager for Google Drive – Integrate Google DriveCWE-200 7.5 High2025-11-05
CVE-2025-10873 WordPress plugin ElementInvader Addons for Elementor 安全漏洞 — ElementInvader Addons for Elementor 5.3 -2025-11-05
CVE-2025-11072 WordPress plugin MelAbu WP Download Counter Button 安全漏洞 — MelAbu WP Download Counter Button 7.5 -2025-11-05
CVE-2025-11749 WordPress plugin AI Engine 信息泄露漏洞 — AI Engine – The Chatbot, AI Framework & MCP for WordPressCWE-200 9.8 Critical2025-11-05
CVE-2025-12197 WordPress plugin The Events Calendar SQL注入漏洞 — The Events CalendarCWE-89 7.5 High2025-11-05
CVE-2025-11835 WordPress plugin Paid Membership Subscriptions 安全漏洞 — Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content RestrictionCWE-862 5.3 Medium2025-11-05
CVE-2025-12580 WordPress plugin SMS 跨站脚本漏洞 — SMS for WordPressCWE-79 6.1 Medium2025-11-05
CVE-2025-8871 WordPress plugin Everest Forms Pro 代码问题漏洞 — Everest Forms ProCWE-502 5.6 Medium2025-11-05
CVE-2025-59716 guests 安全漏洞 — n/a 5.3 -2025-11-05
CVE-2025-63334 PocketVJ CP 安全漏洞 — n/a 9.8 -2025-11-05
CVE-2025-61956 Radiometrics VizAir 访问控制错误漏洞 — VizAirCWE-306 10.0 Critical2025-11-04
CVE-2025-61945 Radiometrics VizAir 访问控制错误漏洞 — VizAirCWE-306 10.0 Critical2025-11-04
CVE-2025-12682 WordPress plugin Easy Upload Files During Checkout 代码问题漏洞 — Easy Upload Files During CheckoutCWE-434 9.8 Critical2025-11-04
CVE-2025-41340 CanalDenuncia App 安全漏洞 — CanalDenuncia.appCWE-862 5.3AIMediumAI2025-11-04
CVE-2025-12493 WordPress plugin ShopLentor 路径遍历漏洞 — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-22 9.8 Critical2025-11-04
CVE-2025-12403 WordPress plugin Associados Amazon Plugin 跨站请求伪造漏洞 — Associados Amazon PluginCWE-352 6.1 Medium2025-11-04
CVE-2025-12158 WordPress plugin Simple User Capabilities 安全漏洞 — Simple User CapabilitiesCWE-862 9.8 Critical2025-11-04
CVE-2025-12452 WordPress plugin Visit Counter 跨站请求伪造漏洞 — Visit CounterCWE-352 6.1 Medium2025-11-04
CVE-2025-11733 WordPress plugin Footnotes Made Easy 跨站脚本漏洞 — Footnotes Made EasyCWE-79 7.2 High2025-11-04
CVE-2025-12402 WordPress plugin LinkedIn Resume 跨站请求伪造漏洞 — LinkedIn ResumeCWE-352 6.1 Medium2025-11-04
CVE-2025-12415 WordPress plugin MapMap 跨站请求伪造漏洞 — MapMapCWE-352 6.1 Medium2025-11-04
CVE-2025-12456 WordPress plugin Centangle-Team 跨站请求伪造漏洞 — Centangle-TeamCWE-352 6.1 Medium2025-11-04
CVE-2025-11890 WordPress plugin Crypto Payment Gateway with Payeer for WooCommerce 安全漏洞 — Crypto Payment Gateway with Payeer for WooCommerceCWE-862 7.5 High2025-11-04
CVE-2025-12400 WordPress plugin LMB Box Smileys 跨站请求伪造漏洞 — LMB^Box SmileysCWE-352 6.1 Medium2025-11-04
CVE-2025-12157 WordPress plugin Simple User Capabilities 安全漏洞 — Simple User CapabilitiesCWE-862 5.3 Medium2025-11-04
CVE-2025-12410 WordPress plugin SH Contextual Help 跨站请求伪造漏洞 — SH Contextual HelpCWE-352 6.1 Medium2025-11-04

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21224 条 CVE 漏洞。