access:pre-auth 类型相关 21460 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2025-2325 | WordPress plugin WP Test Email 跨站脚本漏洞 — WP Test EmailCWE-79 | 7.2 | High | 2025-03-15 |
| CVE-2025-1771 | WordPress plugin Traveler 安全漏洞 — Travel Booking WordPress ThemeCWE-98 | 9.8 | Critical | 2025-03-15 |
| CVE-2024-13497 | WordPress plugin Tripetto 安全漏洞 — WordPress form builder plugin for contact forms, surveys and quizzes – TripettoCWE-80 | 7.2 | High | 2025-03-15 |
| CVE-2025-1773 | WordPress plugin Traveler 跨站脚本漏洞 — Travel Booking WordPress ThemeCWE-79 | 6.1 | Medium | 2025-03-15 |
| CVE-2025-2164 | WordPress plugin pixelstats 跨站脚本漏洞 — pixelstatsCWE-79 | 6.1 | Medium | 2025-03-15 |
| CVE-2025-2163 | WordPress plugin Zoorum Comments 跨站脚本漏洞 — Zoorum CommentsCWE-79 | 6.1 | Medium | 2025-03-15 |
| CVE-2024-12245 | LogicalDOC SQL注入漏洞 — LogicalDOC CommunityCWE-89 | 9.1 | - | 2025-03-14 |
| CVE-2024-12020 | LogicalDOC 跨站脚本漏洞 — LogicalDOC EnterpriseCWE-79 | 6.1 | - | 2025-03-14 |
| CVE-2024-54445 | LogicalDOC SQL注入漏洞 — LogicalDOC CommunityCWE-89 | 9.1 | - | 2025-03-14 |
| CVE-2023-48785 | Fortinet FortiNAC-F 信任管理问题漏洞 — FortiNAC-FCWE-295 | 4.4 | Medium | 2025-03-14 |
| CVE-2024-40590 | Fortinet FortiPortal 信任管理问题漏洞 — FortiPortalCWE-295 | 4.4 | Medium | 2025-03-14 |
| CVE-2024-13773 | WordPress plugin Civi 安全漏洞 — Civi - Job Board & Freelance Marketplace WordPress ThemeCWE-321 | 7.3 | High | 2025-03-14 |
| CVE-2024-13772 | WordPress plugin Civi 安全漏洞 — Civi - Job Board & Freelance Marketplace WordPress ThemeCWE-288 | 5.6 | Medium | 2025-03-14 |
| CVE-2025-2232 | WordPress plugin Realteo 安全漏洞 — RealteoCWE-269 | 9.8 | Critical | 2025-03-14 |
| CVE-2024-13771 | WordPress plugin Civi 安全漏洞 — Civi - Job Board & Freelance Marketplace WordPress ThemeCWE-288 | 9.8 | Critical | 2025-03-14 |
| CVE-2024-26006 | Fortinet FortiOS 安全漏洞 — FortiProxyCWE-79 | 6.9 | High | 2025-03-14 |
| CVE-2025-1507 | WordPress plugin ShareThis Dashboard for Google Analytics 安全漏洞 — ShareThis Dashboard for Google AnalyticsCWE-862 | 5.3 | Medium | 2025-03-14 |
| CVE-2024-13321 | WordPress plugin AnalyticsWP SQL注入漏洞 — AnalyticsWPCWE-89 | 7.5 | High | 2025-03-14 |
| CVE-2024-13824 | WordPress plugin CiyaShop 代码问题漏洞 — CiyaShop - Multipurpose WooCommerce ThemeCWE-502 | 9.8 | Critical | 2025-03-14 |
| CVE-2025-2221 | WordPress plugin WPCOM Member SQL注入漏洞 — WPCOM MemberCWE-89 | 7.5 | High | 2025-03-14 |
| CVE-2024-13913 | WordPress plugin InstaWP Connect 跨站请求伪造漏洞 — InstaWP Connect – 1-click WP Staging & MigrationCWE-352 | 8.8 | High | 2025-03-14 |
| CVE-2025-1764 | WordPress plugin LoginPress 跨站请求伪造漏洞 — LoginPress | wp-login Custom Login Page CustomizerCWE-352 | 7.5 | High | 2025-03-14 |
| CVE-2025-2056 | WordPress plugin WP Ghost 安全漏洞 — WP Ghost (Hide My WP Ghost) – Security & FirewallCWE-23 | 7.5 | High | 2025-03-14 |
| CVE-2025-0955 | WordPress plugin VidoRev Extensions 安全漏洞 — VidoRev ExtensionsCWE-862 | 5.3 | Medium | 2025-03-14 |
| CVE-2024-11283 | WordPress plugin WP JobHunt 安全漏洞 — WP JobHuntCWE-289 | 7.5 | High | 2025-03-14 |
| CVE-2024-11286 | WordPress plugin WP JobHunt 安全漏洞 — WP JobHuntCWE-288 | 9.8 | Critical | 2025-03-14 |
| CVE-2024-11284 | WordPress plugin WP JobHunt 安全漏洞 — WP JobHuntCWE-639 | 9.8 | Critical | 2025-03-14 |
| CVE-2025-2166 | WordPress plugin CM FAQ 跨站脚本漏洞 — CM FAQ – Simplify support with an intuitive FAQ management toolCWE-79 | 6.1 | Medium | 2025-03-14 |
| CVE-2025-1285 | WordPress plugin Resido 安全漏洞 — Resido - Real Estate WordPress ThemeCWE-862 | 5.3 | Medium | 2025-03-14 |
| CVE-2024-11285 | WordPress plugin WP JobHunt 安全漏洞 — WP JobHuntCWE-639 | 9.8 | Critical | 2025-03-14 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21460 条 CVE 漏洞。