access:pre-auth 类型相关 21386 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2024-13779 | WordPress plugin Hero Mega Menu 跨站脚本漏洞 — Hero Mega Menu - Responsive WordPress Menu PluginCWE-79 | 6.1 | Medium | 2025-03-05 |
| CVE-2024-13780 | WordPress plugin Hero Mega Menu 安全漏洞 — Hero Mega Menu - Responsive WordPress Menu PluginCWE-862 | 6.5 | Medium | 2025-03-05 |
| CVE-2025-0956 | WordPress plugin WooCommerce Recover Abandoned Cart 输入验证错误漏洞 — WooCommerce Recover Abandoned CartCWE-502 | 8.1 | High | 2025-03-05 |
| CVE-2024-13827 | WordPress plugin Razorpay Subscription Button Elementor Plugin 跨站脚本漏洞 — Razorpay Subscription Button Elementor PluginCWE-79 | 6.1 | Medium | 2025-03-05 |
| CVE-2024-8682 | WordPress plugin JNews 安全漏洞 — JNews - WordPress Newspaper Magazine Blog AMP ThemeCWE-862 | 5.3 | Medium | 2025-03-05 |
| CVE-2025-0990 | WordPress plugin I Am Gloria 跨站请求伪造漏洞 — I Am GloriaCWE-352 | 4.3 | Medium | 2025-03-05 |
| CVE-2025-1435 | WordPress plugin bbPress 跨站请求伪造漏洞 — bbPressCWE-352 | 6.3 | Medium | 2025-03-05 |
| CVE-2025-1393 | Weidmueller Interface PROCON-WIN 信任管理问题漏洞 — PROCON-WINCWE-798 | 9.8 | Critical | 2025-03-05 |
| CVE-2025-27641 | Vasion Print 授权问题漏洞 — n/a | 9.8 | - | 2025-03-05 |
| CVE-2025-27642 | Vasion Print 访问控制错误漏洞 — n/a | 9.8 | - | 2025-03-05 |
| CVE-2025-27647 | Vasion Print 访问控制错误漏洞 — n/a | 9.8 | - | 2025-03-05 |
| CVE-2020-3122 | Cisco Content Security Management Appliance 访问控制错误漏洞 — Cisco IronPort Security Management ApplianceCWE-284 | 5.3 | - | 2025-03-04 |
| CVE-2019-1815 | Cisco Meraki MX67和Cisco Meraki MX68 信息泄露漏洞 — Cisco Meraki MX FirmwareCWE-200 | 9.8 | - | 2025-03-04 |
| CVE-2024-13724 | WordPress plugin Wallet System for WooCommerce 授权问题漏洞 — Wallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription PaymentsCWE-285 | 4.3 | Medium | 2025-03-04 |
| CVE-2024-13682 | WordPress plugin Wallet System for WooCommerce 跨站请求伪造漏洞 — Wallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription PaymentsCWE-352 | 4.3 | Medium | 2025-03-04 |
| CVE-2025-1306 | WordPress plugin Newscrunch 跨站请求伪造漏洞 — NewscrunchCWE-352 | 8.8 | High | 2025-03-04 |
| CVE-2025-0912 | WordPress plugin GiveWP 代码问题漏洞 — GiveWP – Donation Plugin and Fundraising PlatformCWE-502 | 9.8 | Critical | 2025-03-04 |
| CVE-2024-50704 | Uniguest Tripleplay 代码注入漏洞 — n/a | 9.8 | - | 2025-03-04 |
| CVE-2024-50705 | Uniguest Tripleplay 跨站请求伪造漏洞 — n/a | 6.1 | - | 2025-03-04 |
| CVE-2024-50706 | Uniguest Tripleplay SQL注入漏洞 — n/a | 9.8 | - | 2025-03-04 |
| CVE-2024-50707 | Uniguest Tripleplay 代码注入漏洞 — n/a | 9.8 | - | 2025-03-04 |
| CVE-2024-51961 | Esri ArcGIS Server 安全漏洞 — ArcGIS ServerCWE-73 | 7.5 | High | 2025-03-03 |
| CVE-2025-27419 | WeGIA 安全漏洞 — WeGIACWE-770 | 7.5 | - | 2025-03-03 |
| CVE-2025-24023 | Flask App Builder 安全漏洞 — Flask-AppBuilderCWE-204 | 3.7 | Low | 2025-03-03 |
| CVE-2025-25280 | Century Systems FutureNet AS series和Century Systems FutureNet FA series 安全漏洞 — FutureNet AS-250/SCWE-120 | 5.3 | Medium | 2025-03-03 |
| CVE-2025-24846 | Century Systems FutureNet AS series 安全漏洞 — FutureNet AS-250/SCWE-288 | 7.5 | High | 2025-03-03 |
| CVE-2025-27590 | Oxidized Web 路径遍历漏洞 — Oxidized WebCWE-22 | 9.0 | Critical | 2025-03-03 |
| CVE-2025-1404 | WordPress plugin Secure Copy Content Protection and Content Locking 安全漏洞 — Secure Copy Content Protection and Content LockingCWE-862 | 5.3 | Medium | 2025-03-01 |
| CVE-2024-13697 | WordPress plugin Better Messages 代码问题漏洞 — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private MessagesCWE-918 | 4.8 | Medium | 2025-03-01 |
| CVE-2024-13611 | WordPress plugin Better Messages 信息泄露漏洞 — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private MessagesCWE-200 | 7.5 | High | 2025-03-01 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21386 条 CVE 漏洞。