目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21425

access:pre-auth 类型相关 21425 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2024-12822 WordPress plugin Media Manager for UserPro 安全漏洞 — Media Manager for UserProCWE-862 9.8 Critical2025-01-30
CVE-2024-12177 WordPress plugin Ai Image Alt Text Generator for WP 跨站脚本漏洞 — Ai Image Alt Text Generator for WPCWE-79 6.1 Medium2025-01-30
CVE-2024-12320 WordPress plugin Team Rosters 跨站脚本漏洞 — Team RostersCWE-79 6.1 Medium2025-01-30
CVE-2024-13707 WordPress plugin WP Image Uploader 跨站请求伪造漏洞 — WP Image UploaderCWE-352 8.8 High2025-01-30
CVE-2024-13742 WordPress plugin iControlWP 代码问题漏洞 — iControlWPCWE-502 9.8 Critical2025-01-30
CVE-2024-12269 WordPress plugin Safe Ai Malware Protection for WP 安全漏洞 — Safe Ai Malware Protection for WPCWE-862 7.5 High2025-01-30
CVE-2024-13671 WordPress plugin Music Sheet Viewer 安全漏洞 — Music Sheet ViewerCWE-22 7.5 High2025-01-30
CVE-2024-13705 WordPress plugin StageShow 跨站脚本漏洞 — StageShowCWE-79 6.1 Medium2025-01-30
CVE-2024-13512 WordPress plugin Wonder FontAwesome 跨站请求伪造漏洞 — Wonder FontAwesomeCWE-352 6.1 Medium2025-01-30
CVE-2024-13720 WordPress plugin WP Image Uploader 路径遍历漏洞 — WP Image UploaderCWE-352 8.8 High2025-01-30
CVE-2024-12409 WordPress plugin Simple:Press Forum 跨站脚本漏洞 — Simple:Press ForumCWE-79 6.1 Medium2025-01-30
CVE-2024-13453 WordPress plugin The Contact Form & SMTP Plugin for WordPress by PirateForms 代码注入漏洞 — Contact Form & SMTP Plugin for WordPress by PirateFormsCWE-94 7.3 High2025-01-30
CVE-2024-13706 WordPress plugin WP Image Uploader 跨站脚本漏洞 — WP Image UploaderCWE-79 6.1 Medium2025-01-30
CVE-2025-0860 WordPress plugin VR-Frases 跨站脚本漏洞 — VR-FrasesCWE-79 6.1 Medium2025-01-30
CVE-2025-0861 WordPress plugin VR-Frases SQL注入漏洞 — VR-FrasesCWE-89 4.9 Medium2025-01-30
CVE-2024-13694 WordPress plugin WooCommerce Wishlist 安全漏洞 — MoreConvert Wishlist for WooCommerceCWE-285 7.5 High2025-01-30
CVE-2024-13758 WordPress plugin CP Contact Form with PayPal 跨站请求伪造漏洞 — CP Contact Form with PayPalCWE-352 6.5 Medium2025-01-30
CVE-2024-13457 WordPress plugin Event Tickets and Registration 安全漏洞 — Event Tickets and RegistrationCWE-284 5.3 Medium2025-01-30
CVE-2024-13696 WordPress plugin Flexible Wishlist for WooCommerce 跨站脚本漏洞 — Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for laterCWE-79 7.2 High2025-01-29
CVE-2024-54852 Teedy 安全漏洞 — n/a 9.8 -2025-01-29
CVE-2025-24481 Rockwell Automation FactoryTalk View SE 安全漏洞 — FactoryTalk® View Site EditionCWE-732 9.8 -2025-01-28
CVE-2025-22217 VMware Avi Load Balancer 安全漏洞 — VMware AVI Load BalancerCWE-89 8.6 High2025-01-28
CVE-2024-13521 WordPress plugin MailUp Auto Subscription 跨站请求伪造漏洞 — MailUp Auto SubscriptionCWE-352 6.1 Medium2025-01-28
CVE-2024-13448 WordPress plugin ThemeREX Addons 代码问题漏洞 — ThemeREX AddonsCWE-434 9.8 Critical2025-01-28
CVE-2024-13509 WordPress plugin WS Form LITE 跨站脚本漏洞 — WS Form LITE – Drag & Drop Contact Form BuilderCWE-79 7.2 High2025-01-28
CVE-2024-11135 WordPress plugin Eventer SQL注入漏洞 — Eventer - WordPress Event & Booking Manager PluginCWE-89 7.5 High2025-01-28
CVE-2024-57376 D-Link多款产品 安全漏洞 — n/a 9.8 -2025-01-28
CVE-2024-54542 Apple iOS 安全漏洞 — Safari 7.5 -2025-01-27
CVE-2024-54488 Apple iOS和iPadOS 安全漏洞 — iOS and iPadOS 7.5 -2025-01-27
CVE-2025-24814 Apache Solr 安全漏洞 — Apache SolrCWE-250 9.8 -2025-01-27

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21425 条 CVE 漏洞。