目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21386

access:pre-auth 类型相关 21386 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2024-13779 WordPress plugin Hero Mega Menu 跨站脚本漏洞 — Hero Mega Menu - Responsive WordPress Menu PluginCWE-79 6.1 Medium2025-03-05
CVE-2024-13780 WordPress plugin Hero Mega Menu 安全漏洞 — Hero Mega Menu - Responsive WordPress Menu PluginCWE-862 6.5 Medium2025-03-05
CVE-2025-0956 WordPress plugin WooCommerce Recover Abandoned Cart 输入验证错误漏洞 — WooCommerce Recover Abandoned CartCWE-502 8.1 High2025-03-05
CVE-2024-13827 WordPress plugin Razorpay Subscription Button Elementor Plugin 跨站脚本漏洞 — Razorpay Subscription Button Elementor PluginCWE-79 6.1 Medium2025-03-05
CVE-2024-8682 WordPress plugin JNews 安全漏洞 — JNews - WordPress Newspaper Magazine Blog AMP ThemeCWE-862 5.3 Medium2025-03-05
CVE-2025-0990 WordPress plugin I Am Gloria 跨站请求伪造漏洞 — I Am GloriaCWE-352 4.3 Medium2025-03-05
CVE-2025-1435 WordPress plugin bbPress 跨站请求伪造漏洞 — bbPressCWE-352 6.3 Medium2025-03-05
CVE-2025-1393 Weidmueller Interface PROCON-WIN 信任管理问题漏洞 — PROCON-WINCWE-798 9.8 Critical2025-03-05
CVE-2025-27641 Vasion Print 授权问题漏洞 — n/a 9.8 -2025-03-05
CVE-2025-27642 Vasion Print 访问控制错误漏洞 — n/a 9.8 -2025-03-05
CVE-2025-27647 Vasion Print 访问控制错误漏洞 — n/a 9.8 -2025-03-05
CVE-2020-3122 Cisco Content Security Management Appliance 访问控制错误漏洞 — Cisco IronPort Security Management ApplianceCWE-284 5.3 -2025-03-04
CVE-2019-1815 Cisco Meraki MX67和Cisco Meraki MX68 信息泄露漏洞 — Cisco Meraki MX FirmwareCWE-200 9.8 -2025-03-04
CVE-2024-13724 WordPress plugin Wallet System for WooCommerce 授权问题漏洞 — Wallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription PaymentsCWE-285 4.3 Medium2025-03-04
CVE-2024-13682 WordPress plugin Wallet System for WooCommerce 跨站请求伪造漏洞 — Wallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription PaymentsCWE-352 4.3 Medium2025-03-04
CVE-2025-1306 WordPress plugin Newscrunch 跨站请求伪造漏洞 — NewscrunchCWE-352 8.8 High2025-03-04
CVE-2025-0912 WordPress plugin GiveWP 代码问题漏洞 — GiveWP – Donation Plugin and Fundraising PlatformCWE-502 9.8 Critical2025-03-04
CVE-2024-50704 Uniguest Tripleplay 代码注入漏洞 — n/a 9.8 -2025-03-04
CVE-2024-50705 Uniguest Tripleplay 跨站请求伪造漏洞 — n/a 6.1 -2025-03-04
CVE-2024-50706 Uniguest Tripleplay SQL注入漏洞 — n/a 9.8 -2025-03-04
CVE-2024-50707 Uniguest Tripleplay 代码注入漏洞 — n/a 9.8 -2025-03-04
CVE-2024-51961 Esri ArcGIS Server 安全漏洞 — ArcGIS ServerCWE-73 7.5 High2025-03-03
CVE-2025-27419 WeGIA 安全漏洞 — WeGIACWE-770 7.5 -2025-03-03
CVE-2025-24023 Flask App Builder 安全漏洞 — Flask-AppBuilderCWE-204 3.7 Low2025-03-03
CVE-2025-25280 Century Systems FutureNet AS series和Century Systems FutureNet FA series 安全漏洞 — FutureNet AS-250/SCWE-120 5.3 Medium2025-03-03
CVE-2025-24846 Century Systems FutureNet AS series 安全漏洞 — FutureNet AS-250/SCWE-288 7.5 High2025-03-03
CVE-2025-27590 Oxidized Web 路径遍历漏洞 — Oxidized WebCWE-22 9.0 Critical2025-03-03
CVE-2025-1404 WordPress plugin Secure Copy Content Protection and Content Locking 安全漏洞 — Secure Copy Content Protection and Content LockingCWE-862 5.3 Medium2025-03-01
CVE-2024-13697 WordPress plugin Better Messages 代码问题漏洞 — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private MessagesCWE-918 4.8 Medium2025-03-01
CVE-2024-13611 WordPress plugin Better Messages 信息泄露漏洞 — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private MessagesCWE-200 7.5 High2025-03-01

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21386 条 CVE 漏洞。