目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21230

access:pre-auth 类型相关 21230 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-9620 WordPress plugin Seo Monster 跨站请求伪造漏洞 — Seo MonsterCWE-352 6.1 Medium2025-09-11
CVE-2025-8570 WordPress plugin BeyondCart Connector 信任管理问题漏洞 — BeyondCart ConnectorCWE-798 9.8 Critical2025-09-11
CVE-2025-8481 WordPress plugin Blog Designer For Elementor – Post Slider, Post Carousel, Post Grid 跨站请求伪造漏洞 — Blog Designer For Elementor – Post Slider, Post Carousel, Post GridCWE-352 4.3 Medium2025-09-11
CVE-2025-9623 WordPress plugin Admin in English with Switch 跨站请求伪造漏洞 — Admin in English with SwitchCWE-352 4.3 Medium2025-09-11
CVE-2025-8492 WordPress plugin Salon Booking System 安全漏洞 — Salon Booking System – Free VersionCWE-862 5.3 Medium2025-09-11
CVE-2025-9627 WordPress plugin Run Log 跨站请求伪造漏洞 — Run LogCWE-352 4.3 Medium2025-09-11
CVE-2025-9634 WordPress plugin Plugin updates blocker 跨站请求伪造漏洞 — Plugin updates blockerCWE-352 4.3 Medium2025-09-11
CVE-2025-9635 WordPress plugin Analytics Reduce Bounce Rate 跨站请求伪造漏洞 — Analytics Reduce Bounce RateCWE-352 4.3 Medium2025-09-11
CVE-2025-9073 WordPress plugin All in one Minifier SQL注入漏洞 — All in one MinifierCWE-89 7.5 High2025-09-11
CVE-2025-8417 WordPress plugin Catalog Importer Scraper Crawler 代码注入漏洞 — Catalog Importer, Scraper & CrawlerCWE-94 8.1 High2025-09-11
CVE-2025-8422 WordPress plugin Propovoice 安全漏洞 — Propovoice: All-in-One Client Management SystemCWE-73 7.5 High2025-09-11
CVE-2025-9628 WordPress plugin AMO.CRM 跨站请求伪造漏洞 — The integration of the AMO.CRMCWE-352 4.3 Medium2025-09-11
CVE-2025-9631 WordPress plugin AutoCatSet 跨站请求伪造漏洞 — AutoCatSetCWE-352 4.3 Medium2025-09-11
CVE-2025-8479 WordPress plugin Zoho Flow 跨站请求伪造漏洞 — Zoho Flow – Integrate 100+ plugins with 1000+ business apps, no-code workflow automationCWE-352 4.3 Medium2025-09-11
CVE-2025-54376 Hoverfly 授权问题漏洞 — hoverflyCWE-200 7.5AIHighAI2025-09-10
CVE-2025-8696 ISC Stork 安全漏洞 — StorkCWE-789 7.5 High2025-09-10
CVE-2025-20340 Cisco IOS XR 资源管理错误漏洞 — Cisco IOS XR SoftwareCWE-400 7.4 High2025-09-10
CVE-2025-20159 Cisco IOS XR 访问控制错误漏洞 — Cisco IOS XR SoftwareCWE-284 5.3 Medium2025-09-10
CVE-2025-9943 Shibboleth Service Provider 安全漏洞 — Service ProviderCWE-89 9.1AICriticalAI2025-09-10
CVE-2025-9622 WordPress plugin WP Blast | SEO & Performance Booster 跨站请求伪造漏洞 — WP Blast | SEO & Performance BoosterCWE-352 4.3 Medium2025-09-10
CVE-2025-9888 WordPress plugin Maspik – Ultimate Spam Protection 跨站请求伪造漏洞 — Maspik – Ultimate Spam ProtectionCWE-352 4.3 Medium2025-09-10
CVE-2025-55976 Intelbras IWR 3000N 安全漏洞 — n/a 5.5AIMediumAI2025-09-10
CVE-2025-58135 Zoom Workplace 安全漏洞 — Zoom Workplace Clients for WindowsCWE-837 5.3 Medium2025-09-09
CVE-2025-49461 Zoom Workplace 安全漏洞 — Zoom Workplace ClientsCWE-79 4.3 Medium2025-09-09
CVE-2025-49460 Zoom Workplace 安全漏洞 — Zoom Workplace ClientsCWE-400 4.3 Medium2025-09-09
CVE-2025-58462 OPEXUS FOIAXpress Public Access Link 安全漏洞 — FOIAXpress Public Access Link (PAL)CWE-89 9.8 Critical2025-09-09
CVE-2025-7635 Calix GigaCenter ONT Series 访问控制错误漏洞 — GigaCenter ONTCWE-306 9.8AICriticalAI2025-09-09
CVE-2025-58761 Tautulli 安全漏洞 — TautulliCWE-27 8.6 High2025-09-09
CVE-2025-58760 Tautulli 安全漏洞 — TautulliCWE-23 8.6 High2025-09-09
CVE-2025-53796 Microsoft Windows Routing and Remote Access Service 安全漏洞 — Windows Server 2008 R2 Service Pack 1CWE-126 6.5 Medium2025-09-09

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21230 条 CVE 漏洞。