目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1310

100%
请我们喝杯咖啡

access:pre-auth 标签下的 CVE 漏洞 19863

access:pre-auth 类型相关 19863 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2025-10731 WordPress plugin ReviewX 授权问题漏洞 — ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & SchemaCWE-285 5.3 Medium2026-03-23
CVE-2025-10736 WordPress plugin ReviewX 授权问题漏洞 — ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & SchemaCWE-285 6.5 Medium2026-03-23
CVE-2026-2580 WordPress plugin WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters SQL注入漏洞 — WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & FiltersCWE-89 7.5 High2026-03-22
CVE-2026-33292 WWBN AVideo 路径遍历漏洞 — AVideoCWE-22 7.5 High2026-03-22
CVE-2026-4544 Wavlink WL-WN578W2 代码注入漏洞 — WL-WN578W2CWE-79 2.4 Low2026-03-22
CVE-2026-4543 Wavlink WL-WN578W2 命令注入漏洞 — WL-WN578W2CWE-77 6.3 Medium2026-03-22
CVE-2026-3629 WordPress plugin Import and export users and customers 安全漏洞 — Import and export users and customersCWE-269 8.1 High2026-03-21
CVE-2019-25581 i-doit CMDB SQL注入漏洞 — doit CMDBCWE-89 8.2 High2026-03-21
CVE-2019-25580 ownDMS 代码问题漏洞 — ownDMSCWE-434 8.2 High2026-03-21
CVE-2019-25579 phpTransformer 路径遍历漏洞 — phpTransformerCWE-22 7.5 High2026-03-21
CVE-2019-25576 Kepler Wallpaper Script SQL注入漏洞 — Kepler Wallpaper ScriptCWE-89 8.2 High2026-03-21
CVE-2019-25575 Sourceforge SimplePress CMS SQL注入漏洞 — SimplePress CMSCWE-89 8.2 High2026-03-21
CVE-2019-25570 RealTerm Serial Terminal 安全漏洞 — RealTerm: Serial TerminalCWE-1260 5.5 Medium2026-03-21
CVE-2026-4373 WordPress plugin JetFormBuilder 安全漏洞 — JetFormBuilder — Dynamic Blocks Form BuilderCWE-36 7.5 High2026-03-21
CVE-2026-3478 WordPress plugin Content Syndication Toolkit 代码问题漏洞 — Content Syndication ToolkitCWE-918 7.2 High2026-03-21
CVE-2026-2723 WordPress plugin Post Snippits 跨站请求伪造漏洞 — Post SnippitsCWE-352 6.1 Medium2026-03-21
CVE-2026-4143 WordPress plugin Neos Connector for Fakturama 跨站请求伪造漏洞 — Neos Connector for FakturamaCWE-352 4.3 Medium2026-03-21
CVE-2026-1648 WordPress plugin Performance Monitor 代码问题漏洞 — Performance MonitorCWE-918 7.2 High2026-03-21
CVE-2026-1647 WordPress plugin Comment Genius 跨站脚本漏洞 — Comment GeniusCWE-79 6.1 Medium2026-03-21
CVE-2026-2427 WordPress plugin itsukaita 跨站脚本漏洞 — itsukaitaCWE-79 6.1 Medium2026-03-21
CVE-2026-1503 WordPress plugin login_register 跨站请求伪造漏洞 — Plugin Name: login_registerCWE-352 4.3 Medium2026-03-21
CVE-2024-13785 WordPress plugin ARForms 代码注入漏洞 — Contact Form, Survey, Quiz & Popup Form Builder – ARFormsCWE-94 5.6 Medium2026-03-21
CVE-2026-3331 WordPress plugin Lobot Slider Administrator 跨站请求伪造漏洞 — Lobot Slider AdministratorCWE-352 4.3 Medium2026-03-21
CVE-2026-3003 WordPress plugin Vagaro Booking Widget 跨站脚本漏洞 — Vagaro Booking WidgetCWE-79 7.2 High2026-03-21
CVE-2026-1392 WordPress plugin SR WP Minify HTML 跨站请求伪造漏洞 — SR WP Minify HTMLCWE-352 4.3 Medium2026-03-21
CVE-2026-3641 WordPress plugin Appmax 输入验证错误漏洞 — AppmaxCWE-20 5.3 Medium2026-03-21
CVE-2026-2468 WordPress plugin Quentn WP SQL注入漏洞 — Quentn WPCWE-89 7.5 High2026-03-21
CVE-2026-3332 WordPress plugin Xhanch - My Advanced Settings 跨站请求伪造漏洞 — Xhanch – My Advanced SettingsCWE-352 4.3 Medium2026-03-21
CVE-2026-3651 WordPress plugin Build App Online 安全漏洞 — Build App OnlineCWE-862 5.3 Medium2026-03-21
CVE-2025-13910 WordPress plugin WP-WebAuthn 跨站脚本漏洞 — WP-WebAuthnCWE-79 6.1 Medium2026-03-21

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19863 条 CVE 漏洞。