目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1325

100%
请我们喝杯咖啡

access:pre-auth 标签下的 CVE 漏洞 20447

access:pre-auth 类型相关 20447 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2026-4143 WordPress plugin Neos Connector for Fakturama 跨站请求伪造漏洞 — Neos Connector for FakturamaCWE-352 4.3 Medium2026-03-21
CVE-2026-1648 WordPress plugin Performance Monitor 代码问题漏洞 — Performance MonitorCWE-918 7.2 High2026-03-21
CVE-2026-1647 WordPress plugin Comment Genius 跨站脚本漏洞 — Comment GeniusCWE-79 6.1 Medium2026-03-21
CVE-2026-2427 WordPress plugin itsukaita 跨站脚本漏洞 — itsukaitaCWE-79 6.1 Medium2026-03-21
CVE-2026-1503 WordPress plugin login_register 跨站请求伪造漏洞 — Plugin Name: login_registerCWE-352 4.3 Medium2026-03-21
CVE-2024-13785 WordPress plugin ARForms 代码注入漏洞 — Contact Form, Survey, Quiz & Popup Form Builder – ARFormsCWE-94 5.6 Medium2026-03-21
CVE-2026-3331 WordPress plugin Lobot Slider Administrator 跨站请求伪造漏洞 — Lobot Slider AdministratorCWE-352 4.3 Medium2026-03-21
CVE-2026-3003 WordPress plugin Vagaro Booking Widget 跨站脚本漏洞 — Vagaro Booking WidgetCWE-79 7.2 High2026-03-21
CVE-2026-1392 WordPress plugin SR WP Minify HTML 跨站请求伪造漏洞 — SR WP Minify HTMLCWE-352 4.3 Medium2026-03-21
CVE-2026-3641 WordPress plugin Appmax 输入验证错误漏洞 — AppmaxCWE-20 5.3 Medium2026-03-21
CVE-2026-2468 WordPress plugin Quentn WP SQL注入漏洞 — Quentn WPCWE-89 7.5 High2026-03-21
CVE-2026-3332 WordPress plugin Xhanch - My Advanced Settings 跨站请求伪造漏洞 — Xhanch – My Advanced SettingsCWE-352 4.3 Medium2026-03-21
CVE-2026-3651 WordPress plugin Build App Online 安全漏洞 — Build App OnlineCWE-862 5.3 Medium2026-03-21
CVE-2025-13910 WordPress plugin WP-WebAuthn 跨站脚本漏洞 — WP-WebAuthnCWE-79 6.1 Medium2026-03-21
CVE-2026-4069 WordPress plugin Alfie – Feed Plugin 跨站脚本漏洞 — Alfie – Feed PluginCWE-79 6.1 Medium2026-03-21
CVE-2026-3506 WordPress plugin WP-Chatbot for Messenger 安全漏洞 — WP-Chatbot for MessengerCWE-862 5.3 Medium2026-03-21
CVE-2026-2277 WordPress plugin rexCrawler 跨站脚本漏洞 — rexCrawlerCWE-79 6.1 Medium2026-03-21
CVE-2026-1378 WordPress plugin WP Posts Re-order 跨站请求伪造漏洞 — WP Posts Re-orderCWE-352 4.3 Medium2026-03-21
CVE-2026-1390 WordPress plugin Redirect countdown 跨站请求伪造漏洞 — Redirect countdownCWE-352 4.3 Medium2026-03-21
CVE-2026-1393 WordPress plugin Add Google Social Profiles to Knowledge Graph Box 跨站请求伪造漏洞 — Add Google Social Profiles to Knowledge Graph BoxCWE-352 4.3 Medium2026-03-21
CVE-2026-1800 WordPress plugin Fonts Manager | Custom Fonts SQL注入漏洞 — Fonts Manager | Custom FontsCWE-89 7.5 High2026-03-21
CVE-2026-2375 WordPress plugin App Builder – Create Native Android & iOS Apps On The Flight 安全漏洞 — App Builder – Create Native Android & iOS Apps On The FlightCWE-269 6.5 Medium2026-03-21
CVE-2026-2440 WordPress plugin SurveyJS 跨站脚本漏洞 — SurveyJS: Drag & Drop Form BuilderCWE-79 7.2 High2026-03-21
CVE-2026-3335 WordPress plugin Canto 安全漏洞 — CantoCWE-862 5.3 Medium2026-03-21
CVE-2026-3570 WordPress plugin Smarter Analytics 安全漏洞 — Smarter AnalyticsCWE-862 5.3 Medium2026-03-21
CVE-2026-4302 WordPress plugin WowOptin: Next-Gen Popup Maker 代码问题漏洞 — WowOptin: Next-Gen Popup Maker – Create Stunning Popups and Optins for Lead GenerationCWE-918 7.2 High2026-03-21
CVE-2026-32896 OpenClaw 访问控制错误漏洞 — OpenClawCWE-306 4.8 Medium2026-03-21
CVE-2026-32064 OpenClaw 访问控制错误漏洞 — OpenClawCWE-306 7.7 High2026-03-21
CVE-2026-3572 WordPress plugin iTracker360 跨站脚本漏洞 — iTracker360CWE-79 6.1 Medium2026-03-20
CVE-2026-3368 WordPress plugin Injection Guard 跨站脚本漏洞 — Injection GuardCWE-79 7.2 High2026-03-20

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 20447 条 CVE 漏洞。