目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21392

access:pre-auth 类型相关 21392 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2024-13796 WordPress plugin Post Grid and Gutenberg Blocks 信息泄露漏洞 — Post GridCWE-200 5.3 Medium2025-02-28
CVE-2025-1687 WordPress plugin Cardealer 跨站请求伪造漏洞 — Car Dealer Automotive WordPress Theme – ResponsiveCWE-352 8.8 High2025-02-27
CVE-2025-1717 WordPress plugin Login Me Now 安全漏洞 — Login Me Now – Passwordless, Magic Link, OTP & Social Login for WordPressCWE-288 8.1 High2025-02-27
CVE-2024-13647 WordPress plugin SakolaWP 跨站请求伪造漏洞 — School Management System – SakolaWPCWE-352 4.3 Medium2025-02-27
CVE-2024-13905 WordPress plugin OneStore Sites 代码问题漏洞 — OneStore SitesCWE-918 5.3 Medium2025-02-27
CVE-2024-53944 Tuoshi LT15D 安全漏洞 — n/a 9.8 -2025-02-27
CVE-2025-0941 Beckman Coulter MET ONE 3400+ instruments running software 安全漏洞 — MET ONE 3400+CWE-209 5.8 Medium2025-02-26
CVE-2025-20111 Cisco Nexus 3000 Series Switches和Cisco Nexus 9000 Series Switches 安全漏洞 — Cisco NX-OS SoftwareCWE-1220 7.4 High2025-02-26
CVE-2025-0719 IBM Cloud Pak for Data 跨站脚本漏洞 — Cloud Pak for DataCWE-79 6.1 Medium2025-02-26
CVE-2025-0731 SMA Solar Sunny Portal 代码问题漏洞 — www.sunnyportal.comCWE-434 6.5 Medium2025-02-26
CVE-2024-13560 WordPress plugin Subscriptions & Memberships for PayPal 跨站请求伪造漏洞 — Subscriptions & Memberships for PayPalCWE-352 4.3 Medium2025-02-26
CVE-2024-12434 WordPress plugin SureMembers 信息泄露漏洞 — SureMembersCWE-200 5.3 Medium2025-02-26
CVE-2024-30150 HCL MyCloud 安全漏洞 — MyCloudCWE-269 5.3 Medium2025-02-25
CVE-2024-45424 Zoom Workplace 安全漏洞 — Zoom Workplace AppsCWE-840 5.3 Medium2025-02-25
CVE-2025-21627 GLPI 跨站脚本漏洞 — glpiCWE-79 6.5 Medium2025-02-25
CVE-2025-1262 WordPress plugin Advanced Google reCaptcha 安全漏洞 — Advanced Google reCAPTCHACWE-804 5.3 Medium2025-02-25
CVE-2024-13693 WordPress plugin Enfold 访问控制错误漏洞 — Enfold - Responsive Multi-Purpose ThemeCWE-284 5.3 Medium2025-02-25
CVE-2024-13494 WordPress plugin WordPress File Upload 跨站请求伪造漏洞 — Iptanus File UploadCWE-352 4.3 Medium2025-02-25
CVE-2025-1063 WordPress plugin Classified Listing 信息泄露漏洞 — Classified Listing – AI-Powered Classified ads & Business Directory PluginCWE-200 5.3 Medium2025-02-25
CVE-2025-1128 WordPress plugin Everest Forms 代码问题漏洞 — Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form BuilderCWE-434 9.8 Critical2025-02-25
CVE-2025-1648 WordPress plugin Yawave SQL注入漏洞 — YawaveCWE-89 7.5 High2025-02-25
CVE-2025-1488 WordPress plugin WPO365 MICROSOFT 365 GRAPH MAILER 输入验证错误漏洞 — WPO365 | MICROSOFT 365 GRAPH MAILERCWE-601 4.7 Medium2025-02-24
CVE-2025-26201 GreaterWMS 安全漏洞 — n/a 9.8 -2025-02-24
CVE-2024-13728 WordPress plugin Accept Donations with PayPal & Stripe 跨站脚本漏洞 — Accept Donations with PayPal & StripeCWE-79 6.1 Medium2025-02-23
CVE-2025-0957 WordPress plugin SMTP for Amazon SES 跨站脚本漏洞 — SMTP for Amazon SES – YaySMTPCWE-79 7.2 High2025-02-22
CVE-2025-0953 WordPress plugin SMTP for Sendinblue 跨站脚本漏洞 — SMTP for Sendinblue – YaySMTPCWE-79 7.2 High2025-02-22
CVE-2025-0918 WordPress plugin SMTP for SendGrid 跨站脚本漏洞 — SMTP for SendGrid – YaySMTPCWE-79 7.2 High2025-02-22
CVE-2025-1361 WordPress plugin IP2Location Country Blocker 授权问题漏洞 — IP2Location Country BlockerCWE-285 7.5 High2025-02-22
CVE-2024-12467 WordPress plugin Pago por Redsys 跨站脚本漏洞 — Pago por RedsysCWE-79 6.1 Medium2025-02-22
CVE-2024-13474 WordPress plugin LTL Freight Quotes – Purolator Edition SQL注入漏洞 — LTL Freight Quotes – Purolator EditionCWE-89 7.5 High2025-02-22

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21392 条 CVE 漏洞。