目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

access:pre-auth 标签下的 CVE 漏洞 21462

access:pre-auth 类型相关 21462 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2024-11359 WordPress plugin Library Bookshelves 跨站脚本漏洞 — Library BookshelvesCWE-79 6.1 Medium2024-12-12
CVE-2024-12526 WordPress plugin Arena.IM – Live Blogging for real-time events 跨站请求伪造漏洞 — Arena.IM – Live Blogging for real-time eventsCWE-352 4.3 Medium2024-12-12
CVE-2024-12156 WordPress plugin AI Content Writer, RSS Feed to Post, Autoblogging SEO Help 跨站脚本漏洞 — QC SEO Help for llms.txt, AI Analytics, AI Content Writer, Subtitle to ArticleCWE-79 6.1 Medium2024-12-12
CVE-2024-12441 WordPress plugin BP Email Assign Templates 跨站脚本漏洞 — BP Email Assign TemplatesCWE-79 6.1 Medium2024-12-12
CVE-2024-11459 WordPress plugin Country Blocker 跨站脚本漏洞 — Country BlockerCWE-79 6.1 Medium2024-12-12
CVE-2024-11804 WordPress plugin Planaday API 跨站脚本漏洞 — Planaday APICWE-79 6.1 Medium2024-12-12
CVE-2024-12162 WordPress plugin Video & Photo Gallery for Ultimate Member 跨站脚本漏洞 — Video & Photo Gallery for Ultimate MemberCWE-79 6.1 Medium2024-12-12
CVE-2024-10910 WordPress plugin Grid Plus 代码注入漏洞 — Grid Plus – Unlimited grid layoutCWE-94 7.3 High2024-12-12
CVE-2024-11723 WordPress plugin kvCORE IDX 跨站脚本漏洞 — kvCORE IDXCWE-79 6.1 Medium2024-12-12
CVE-2024-11683 WordPress plugin Newsletter Subscriptions 跨站脚本漏洞 — Newsletter SubscriptionsCWE-79 6.1 Medium2024-12-12
CVE-2024-12258 WordPress plugin WP Service Payment Form With Authorize.net 跨站脚本漏洞 — WP Service Payment Form With Authorize.netCWE-79 6.1 Medium2024-12-12
CVE-2024-12260 WordPress plugin Ultimate Endpoints With Rest Api 跨站脚本漏洞 — Ultimate Endpoints With Rest ApiCWE-79 6.1 Medium2024-12-12
CVE-2024-10111 WordPress plugin OAuth Single Sign On – SSO (OAuth Client) 授权问题漏洞 — OAuth Single Sign On – SSO (OAuth Client)CWE-287 8.1 High2024-12-12
CVE-2024-12338 WordPress plugin Website Toolbox Community 跨站脚本漏洞 — Website Toolbox ForumCWE-79 6.1 Medium2024-12-12
CVE-2024-11015 WordPress plugin Sign In With Google 授权问题漏洞 — Sign In With GoogleCWE-287 9.8 Critical2024-12-12
CVE-2024-11417 WordPress plugin dejure.org Vernetzungsfunktion 跨站请求伪造漏洞 — dejure.org VernetzungsfunktionCWE-352 6.1 Medium2024-12-12
CVE-2024-11419 WordPress plugin Password for WP 跨站请求伪造漏洞 — Password for WPCWE-352 6.1 Medium2024-12-12
CVE-2024-11279 WordPress plugin Schema App Structured Data 跨站脚本漏洞 — Schema App Structured DataCWE-79 6.1 Medium2024-12-12
CVE-2024-11689 WordPress plugin HQ Rental Software 跨站请求伪造漏洞 — HQ Rental SoftwareCWE-352 8.8 High2024-12-12
CVE-2024-37401 Ivanti Connect Secure 安全漏洞 — Connect Secure 7.5 -2024-12-11
CVE-2024-37377 Ivanti Connect Secure 安全漏洞 — Connect Secure 7.5 -2024-12-11
CVE-2024-50339 GLPI 跨站脚本漏洞 — glpiCWE-79 5.3 -2024-12-11
CVE-2024-11351 WordPress plugin Restrict 信息泄露漏洞 — Restrict – membership, site, content and user access restrictions for WordPressCWE-200 5.3 Medium2024-12-11
CVE-2024-12325 WordPress plugin Waymark 跨站脚本漏洞 — WaymarkCWE-79 6.1 Medium2024-12-11
CVE-2024-12294 WordPress plugin Last Viewed Posts by WPBeginner 访问控制错误漏洞 — Last Viewed Posts by WPBeginnerCWE-284 5.3 Medium2024-12-11
CVE-2024-11008 WordPress plugin Members 信息泄露漏洞 — Members – Membership & User Role Editor PluginCWE-200 5.3 Medium2024-12-11
CVE-2024-11737 Schneider Electric Modicon Controllers 输入验证错误漏洞 — Modicon Controllers M241 / M251CWE-20 9.8 Critical2024-12-11
CVE-2024-12283 WordPress plugin WP Pipes 跨站脚本漏洞 — WP PipesCWE-79 6.1 Medium2024-12-11
CVE-2024-12004 WordPress plugin WPC Order Notes for WooCommerce 跨站请求伪造漏洞 — WPC Order Notes for WooCommerceCWE-352 6.1 Medium2024-12-11
CVE-2024-53290 Dell ThinOS 命令注入漏洞 — Wyse Proprietary OS (Modern ThinOS)CWE-77 8.4 High2024-12-11

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21462 条 CVE 漏洞。