PickPlugins 厂商漏洞列表 / CVE 中文分析 70

PickPlugins 厂商相关 70 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

PickPlugins 是一款面向 WordPress 生态的插件管理平台，旨在简化插件的安装、更新及配置流程。截至最新统计，该平台已关联 70 条 CVE 漏洞记录。历史安全数据显示，其常见漏洞类型包括远程代码执行（RCE）、跨站脚本攻击（XSS）及权限绕过，多源于输入验证缺失或逻辑缺陷。部分版本曾存在未授权访问风险，建议用户及时升级至修复版本，并严格遵循最小权限原则以保障站点安全。

CVEs 70

CVE ID	标题	CVSS	风险等级	Published
CVE-2026-7458	PickPlugins User Verification ≤2.0.46 OTP认证绕过漏洞 — User Verification by PickPluginsCWE-288	9.8	Critical	2026-05-02
CVE-2026-32497	WordPress plugin User Verification 安全漏洞 — User VerificationCWE-1390	5.3	Medium	2026-03-25
CVE-2026-25455	WordPress plugin Product Slider for WooCommerce 安全漏洞 — Product Slider for WooCommerceCWE-862	6.5	Medium	2026-03-25
CVE-2025-68000	WordPress plugin Testimonial Slider 安全漏洞 — Testimonial SliderCWE-862	6.5	Medium	2026-02-20
CVE-2025-68605	WordPress plugin Post Grid and Gutenberg Blocks 安全漏洞 — Post Grid and Gutenberg BlocksCWE-79	6.5	Medium	2025-12-24
CVE-2025-63043	WordPress plugin Post Grid and Gutenberg Blocks 安全漏洞 — Post Grid and Gutenberg BlocksCWE-639	5.3	Medium	2025-12-18
CVE-2025-66058	WordPress plugin Post Grid 安全漏洞 — Post Grid and Gutenberg BlocksCWE-862	6.5	Medium	2025-12-18
CVE-2025-12374	WordPress plugin User Verification 授权问题漏洞 — User Verification by PickPluginsCWE-287	9.8	Critical	2025-12-05
CVE-2025-62929	WordPress plugin Testimonial Slider 安全漏洞 — Testimonial SliderCWE-862	6.5	Medium	2025-10-27
CVE-2025-62924	WordPress plugin Post Grid and Gutenberg Blocks 安全漏洞 — Post Grid and Gutenberg BlocksCWE-862	6.5	Medium	2025-10-27
CVE-2025-53421	WordPress plugin Accordion 安全漏洞 — AccordionCWE-862	6.5	Medium	2025-10-22
CVE-2025-60162	WordPress plugin Job Board Manager 跨站脚本漏洞 — Job Board ManagerCWE-79	6.5	Medium	2025-09-26
CVE-2025-58678	WordPress plugin Accordion 安全漏洞 — AccordionCWE-862	6.5	Medium	2025-09-22
CVE-2025-58827	WordPress plugin Job Board Manager 代码注入漏洞 — Job Board ManagerCWE-94	3.8	Low	2025-09-05
CVE-2025-54007	WordPress plugin Post Grid and Gutenberg Blocks 代码问题漏洞 — Post Grid and Gutenberg BlocksCWE-502	8.8	High	2025-08-20
CVE-2025-49324	WordPress plugin Job Board Manager 安全漏洞 — Job Board ManagerCWE-862	5.3	Medium	2025-06-06
CVE-2025-49075	WordPress plugin Wishlist 跨站脚本漏洞 — WishlistCWE-79	6.5	Medium	2025-06-06
CVE-2025-24655	WordPress plugin Wishlist 跨站脚本漏洞 — WishlistCWE-79	7.1	High	2025-04-17
CVE-2025-32646	WordPress plugin Question Answer 跨站脚本漏洞 — Question AnswerCWE-79	7.1	High	2025-04-17
CVE-2025-32647	WordPress plugin Question Answer 代码问题漏洞 — Question AnswerCWE-502	8.8	High	2025-04-17
CVE-2025-32618	WordPress plugin Wishlist SQL注入漏洞 — WishlistCWE-89	8.5	High	2025-04-11
CVE-2025-32144	WordPress plugin Job Board Manager 代码问题漏洞 — Job Board ManagerCWE-502	8.8	High	2025-04-11
CVE-2025-32143	WordPress plugin Accordion 代码问题漏洞 — AccordionCWE-502	8.8	High	2025-04-11
CVE-2025-32272	WordPress plugin Wishlist 跨站请求伪造漏洞 — WishlistCWE-352	4.3	Medium	2025-04-04
CVE-2025-30889	WordPress plugin PickPlugins Testimonial Slider 代码问题漏洞 — Testimonial SliderCWE-502	8.8	High	2025-04-03
CVE-2025-31862	WordPress plugin Job Board Manager 安全漏洞 — Job Board ManagerCWE-862	5.3	Medium	2025-04-01
CVE-2025-31810	WordPress plugin Question Answer 安全漏洞 — Question AnswerCWE-862	5.3	Medium	2025-04-01
CVE-2024-12634	WordPress plugin Related Posts 跨站请求伪造漏洞 — Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPluginsCWE-352	6.1	Medium	2025-03-07
CVE-2024-12809	WordPress plugin Wishlist 跨站脚本漏洞 — WishlistCWE-79	6.4	Medium	2025-03-07
CVE-2024-13469	WordPress plugin Pricing Table by PickPlugins 跨站脚本漏洞 — PickPlugins Pricing TableCWE-79	6.4	Medium	2025-02-28

本页汇总了 PickPlugins 厂商截至目前公开的全部 70 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

PickPlugins 厂商漏洞列表 / CVE 中文分析 70

目标达成感谢每一位支持者 — 我们达成了 100% 目标！