Rustaurius 厂商漏洞列表 / CVE 中文分析 31

Rustaurius 厂商相关 31 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

rustaurius 主要提供基于 Rust 语言的高性能安全组件及开源解决方案，旨在优化系统底层的安全性与稳定性。其历史漏洞记录显示，常见风险集中于内存安全边界处理不当导致的越权访问及远程代码执行问题，部分版本亦存在输入验证缺陷。鉴于其核心架构涉及敏感数据处理，近期多项 CVE 披露提示开发者需严格遵循最小权限原则并定期更新依赖库，以防范潜在的攻击面扩大风险。

上位製品 Rustaurius: Front End Users Ultimate WP Mail Five Star Restaurant Reservations Ultimate Reviews Order Tracking – WordPress Status Tracking Plugin Five Star Restaurant Reservations – WordPress Booking Plugin Five Star Restaurant Menu and Food Ordering Affiliate AI Lite Ultimate FAQ Order Tracking Ultimate FAQ Accordion Plugin

CVEs 31

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2026-6498	Five Star Restaurant Reservations <= 2.7.16 - Unauthenticated Payment Bypass via PHP Type Juggling in 'payment_id' Parameter — Five Star Restaurant Reservations – WordPress Booking PluginCWE-345	5.3	Medium	2026-04-30
CVE-2026-4336	Ultimate FAQ Accordion Plugin <= 2.4.7 - Authenticated (Author+) Stored Cross-Site Scripting via FAQ Content — Ultimate FAQ Accordion PluginCWE-79	6.4	Medium	2026-04-09
CVE-2026-39602	WordPress Order Tracking plugin <= 3.4.3 - Broken Access Control vulnerability — Order TrackingCWE-862	5.3	Medium	2026-04-08
CVE-2026-25327	WordPress Five Star Restaurant Reservations plugin <= 2.7.9 - Broken Access Control vulnerability — Five Star Restaurant ReservationsCWE-862	6.5	Medium	2026-03-25
CVE-2026-24634	WordPress Ultimate Reviews plugin <= 3.2.16 - Insecure Direct Object References (IDOR) vulnerability — Ultimate ReviewsCWE-639	5.3	Medium	2026-01-23
CVE-2025-68044	WordPress Five Star Restaurant Reservations plugin <= 2.7.4 - Insecure Direct Object References (IDOR) vulnerability — Five Star Restaurant ReservationsCWE-639	8.6	High	2026-01-05
CVE-2025-68601	WordPress Five Star Restaurant Reservations plugin <= 2.7.8 - Cross Site Request Forgery (CSRF) vulnerability — Five Star Restaurant ReservationsCWE-352	5.4	Medium	2025-12-24
CVE-2025-11496	Five Star Restaurant Reservations – WordPress Booking Plugin <= 2.7.5 - Unauthenticated Stored Cross-Site Scripting — Five Star Restaurant Reservations – WordPress Booking PluginCWE-79	6.1	Medium	2025-12-21
CVE-2025-67590	WordPress Ultimate FAQ plugin <= 2.4.3 - Cross Site Request Forgery (CSRF) vulnerability — Ultimate FAQCWE-352	4.3	Medium	2025-12-09
CVE-2025-11799	Affiliate AI Lite <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Affiliate AI LiteCWE-79	6.4	Medium	2025-11-21
CVE-2025-62072	WordPress Front End Users plugin <= 3.2.33 - Broken Access Control vulnerability — Front End UsersCWE-862	4.3	Medium	2025-10-22
CVE-2025-53454	WordPress Ultimate WP Mail Plugin <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability — Ultimate WP MailCWE-79	6.5	Medium	2025-09-22
CVE-2025-58235	WordPress Front End Users plugin <= 3.2.35 - Cross Site Scripting (XSS) vulnerability — Front End UsersCWE-79	6.5	Medium	2025-09-22
CVE-2025-6993	Ultimate WP Mail 1.0.17 - 1.3.6 - Missing Authorization to Authenticated (Contributor+) Privilege Escalation via get_email_log_details Function — Ultimate WP MailCWE-862	7.5	High	2025-07-16
CVE-2025-49266	WordPress Ultimate Reviews plugin <= 3.2.14 - Reflected Cross Site Scripting (XSS) vulnerability — Ultimate ReviewsCWE-79	7.1	High	2025-06-17
CVE-2025-49288	WordPress Ultimate WP Mail plugin <= 1.3.5 - Account Takeover via Email Log Leak Vulnerability — Ultimate WP MailCWE-862	8.8	High	2025-06-06
CVE-2025-47580	WordPress Front End Users plugin <= 3.2.35 - Broken Access Control vulnerability — Front End UsersCWE-862	5.4	Medium	2025-05-15
CVE-2025-47490	WordPress Ultimate WP Mail plugin <= 1.3.4 - SQL Injection Vulnerability — Ultimate WP MailCWE-89	8.5	High	2025-05-07
CVE-2025-47466	WordPress Ultimate WP Mail plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability — Ultimate WP MailCWE-352	5.4	Medium	2025-05-07
CVE-2025-32694	WordPress Ultimate WP Mail plugin <= 1.3.10 - Open Redirection vulnerability — Ultimate WP MailCWE-601	4.7	Medium	2025-04-09
CVE-2024-12410	Front End Users <= 3.2.32 - Authenticated (Admin+) SQL injection — Front End UsersCWE-89	4.9	Medium	2025-04-02
CVE-2025-2005	Front-End-Only-Users <= 3.2.32 - Unauthenticated Arbitrary File Upload — Front End UsersCWE-434	9.8	Critical	2025-04-02
CVE-2025-30861	WordPress Five Star Restaurant Reservations plugin <= 2.6.29 - Broken Access Control vulnerability — Five Star Restaurant ReservationsCWE-862	4.9	Medium	2025-03-27
CVE-2025-26877	WordPress Front End Users Plugin <= 3.2.30 - Cross Site Scripting (XSS) vulnerability — Front End UsersCWE-79	6.5	Medium	2025-02-25
CVE-2024-13563	Front End Users <= 3.2.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via forgot-password Shortcode — Front End UsersCWE-79	6.4	Medium	2025-02-15
CVE-2024-7607	Front End Users <= 3.2.28 - Authenticated (Contributor+) Time-Based SQL Injection — Front End UsersCWE-89	8.8	High	2024-08-29
CVE-2024-7606	Front End Users <= 3.2.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Front End UsersCWE-79	6.4	Medium	2024-08-29
CVE-2024-5459	Restaurant Menu and Food Ordering <= 2.4.16 - Missing Authorization to Menu Creation — Five Star Restaurant Menu and Food OrderingCWE-862	4.3	Medium	2024-06-05
CVE-2023-4471	Order Tracking Pro <= 3.3.6 - Reflected Cross-Site Scripting — Order Tracking – WordPress Status Tracking PluginCWE-79	6.1	Medium	2023-08-31
CVE-2023-4500	Order Tracking Pro <= 3.3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting — Order Tracking – WordPress Status Tracking PluginCWE-79	4.7	Medium	2023-08-31

本页汇总了 Rustaurius 厂商截至目前公开的全部 31 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

Rustaurius 厂商漏洞列表 / CVE 中文分析 31

目標達成すべての支援者に感謝 — 100%達成しました！