目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21460

access:pre-auth 类型相关 21460 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2024-12601 WordPress plugin Calculated Fields Form 资源管理错误漏洞 — Calculated Fields FormCWE-400 5.3 Medium2024-12-17
CVE-2024-12024 WordPress plugin EventPrime – Events Calendar, Bookings and Tickets 跨站脚本漏洞 — EventPrime – Events Calendar, Bookings and TicketsCWE-79 7.2 High2024-12-17
CVE-2024-12127 WordPress plugin Learning Management System 安全漏洞 — Learning Management System, eLearning, Course Builder, WordPress LMS Plugin – Sikshya LMSCWE-80 6.1 Medium2024-12-17
CVE-2024-12469 WordPress plugin WP BASE Booking of Appointments, Services and Events 跨站脚本漏洞 — WP BASE Booking of Appointments, Services and EventsCWE-79 6.1 Medium2024-12-17
CVE-2024-12293 WordPress plugin User Role Editor 跨站请求伪造漏洞 — User Role EditorCWE-352 8.8 High2024-12-17
CVE-2024-11294 WordPress plugin Memberful 信息泄露漏洞 — Memberful – Membership PluginCWE-200 5.3 Medium2024-12-17
CVE-2024-12220 WordPress plugin SMS for WooCommerce 跨站请求伪造漏洞 — SMS for WooCommerceCWE-352 6.1 Medium2024-12-17
CVE-2024-12219 WordPress plugin Stop Registration Spam 跨站请求伪造漏洞 — Stop Registration SpamCWE-352 6.1 Medium2024-12-17
CVE-2024-12356 BeyondTrust Remote Support和BeyondTrust Privileged Remote Access 安全漏洞 — Remote SupportCWE-77 9.8 Critical2024-12-17
CVE-2024-12239 WordPress plugin PowerPack Lite for Beaver Builder 跨站脚本漏洞 — PowerPack Lite for Beaver BuilderCWE-79 6.1 Medium2024-12-17
CVE-2024-36831 D-Link DAP-1520 安全漏洞 — n/a 7.5 -2024-12-17
CVE-2024-36832 D-Link DAP-1513 安全漏洞 — n/a 7.5 -2024-12-17
CVE-2024-49775 Siemens Opcenter Execution Foundation 安全漏洞 — Opcenter Execution FoundationCWE-122 9.8 Critical2024-12-16
CVE-2024-12646 Chunghwa Telecom topm-client 安全漏洞 — topm-clientCWE-352 8.1 High2024-12-16
CVE-2024-12645 Chunghwa Telecom topm-client 安全漏洞 — topm-clientCWE-352 6.5 Medium2024-12-16
CVE-2024-12644 Chunghwa Telecom tbm-client 安全漏洞 — tbm-clientCWE-352 7.1 High2024-12-16
CVE-2024-12643 Chunghwa Telecom tbm-client 安全漏洞 — tbm-clientCWE-352 8.1 High2024-12-16
CVE-2024-12642 Chunghwa Telecom TenderDocTransfer 安全漏洞 — TenderDocTransferCWE-352 8.1 High2024-12-16
CVE-2024-12641 Chunghwa Telecom TenderDocTransfer 跨站脚本漏洞 — TenderDocTransferCWE-79 9.6 Critical2024-12-16
CVE-2024-5333 WordPress plugin The Events Calendar 安全漏洞 — The Events Calendar 5.3 -2024-12-16
CVE-2024-11721 WordPress plugin Frontend Admin by DynamiApps 安全漏洞 — Frontend Admin by DynamiAppsCWE-269 8.1 High2024-12-14
CVE-2024-11720 WordPress plugin Frontend Admin by DynamiApps 跨站脚本漏洞 — Frontend Admin by DynamiAppsCWE-79 7.2 High2024-12-14
CVE-2024-11712 WordPress plugin WP Job Portal 安全漏洞 — WP Job Portal – AI-Powered Recruitment System for Company or Job Board websiteCWE-359 5.3 Medium2024-12-14
CVE-2024-11711 WordPress plugin WP Job Portal SQL注入漏洞 — WP Job Portal – AI-Powered Recruitment System for Company or Job Board websiteCWE-89 7.5 High2024-12-14
CVE-2024-11715 WordPress plugin WP Job Portal 安全漏洞 — WP Job Portal – AI-Powered Recruitment System for Company or Job Board websiteCWE-862 4.8 Medium2024-12-14
CVE-2024-12422 WordPress plugin Import Eventbrite Events 跨站脚本漏洞 — Import Eventbrite EventsCWE-79 6.1 Medium2024-12-14
CVE-2024-10646 WordPress plugin Contact Form 跨站脚本漏洞 — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-79 7.2 High2024-12-14
CVE-2024-12411 WordPress plugin WP Ad Guru 跨站脚本漏洞 — WP Ad Guru – Banner ad, Responsive popup, Popup maker, Ad rotator & MoreCWE-79 6.1 Medium2024-12-14
CVE-2024-11462 WordPress plugin Filestack Official 跨站脚本漏洞 — Filestack WP UploadCWE-79 6.1 Medium2024-12-14
CVE-2024-12578 WordPress plugin Tickera – WordPress Event Ticketing 信息泄露漏洞 — Tickera – Sell Tickets & Manage EventsCWE-200 5.3 Medium2024-12-14

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21460 条 CVE 漏洞。