目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

Themefic 厂商漏洞列表 / CVE 中文分析 36

Themefic 厂商相关 36 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

Themefic 主要提供网站主题与模板服务,其开源组件在安全审计中暴露出显著风险。截至最新统计,已收录 36 条 CVE,漏洞类型集中表现为远程代码执行、跨站脚本及权限绕过等常见 Web 安全问题。这些缺陷多源于输入验证缺失或配置不当,反映出开发过程中对安全编码规范的忽视。建议用户及时更新版本并实施严格的访问控制,以降低潜在的攻击面。

Top products by Themefic: Ultimate Addons for Contact Form 7 Tourfic Hydra Booking Ultra Addons for Contact Form 7 Tourfic – Travel Booking, Hotel Booking & Car Rental WordPress Plugin Instantio BEAF Travelfic Toolkit Hydra Booking — Appointment Scheduling & Booking Calendar Hydra Booking – All in One Appointment Booking System | Appointment Scheduling, Booking Calendar & WooCommerce Bookings
CVE ID标题CVSS风险等级Published
CVE-2026-39571 WordPress plugin Instantio 安全漏洞 — InstantioCWE-497 5.3 Medium2026-04-08
CVE-2026-39543 WordPress plugin Tourfic 安全漏洞 — TourficCWE-862 5.3 Medium2026-04-08
CVE-2026-39541 WordPress plugin Hydra Booking 跨站脚本漏洞 — Hydra BookingCWE-79 5.9 Medium2026-04-08
CVE-2026-32460 WordPress plugin Ultimate Addons for Contact Form 跨站脚本漏洞 — Ultimate Addons for Contact Form 7CWE-79 6.5 Medium2026-03-13
CVE-2026-24940 WordPress plugin Travelfic Toolkit 安全漏洞 — Travelfic ToolkitCWE-862 4.3 Medium2026-02-03
CVE-2026-24945 WordPress plugin Ultimate Addons for Contact Form 安全漏洞 — Ultimate Addons for Contact Form 7CWE-862 5.3 Medium2026-02-03
CVE-2025-68027 WordPress plugin Hydra Booking 安全漏洞 — Hydra BookingCWE-266 7.3 High2026-01-22
CVE-2025-68055 WordPress plugin Hydra Booking SQL注入漏洞 — Hydra BookingCWE-89 8.5 High2025-12-16
CVE-2025-14356 WordPress plugin Ultra Addons for Contact Form 安全漏洞 — Ultra Addons for Contact Form 7CWE-639 4.3 Medium2025-12-12
CVE-2025-12788 WordPress plugin Hydra Booking — Appointment Scheduling & Booking Calendar 安全漏洞 — Hydra Booking — Appointment Scheduling & Booking CalendarCWE-602 5.3 Medium2025-11-11
CVE-2025-12787 WordPress plugin Hydra Booking — Appointment Scheduling & Booking Calendar 安全特征问题漏洞 — Hydra Booking — Appointment Scheduling & Booking CalendarCWE-330 5.3 Medium2025-11-11
CVE-2025-49377 WordPress plugin Hydra Booking 安全漏洞 — Hydra BookingCWE-862 6.3 Medium2025-10-22
CVE-2025-49378 WordPress plugin Hydra Booking 安全漏洞 — Hydra BookingCWE-89 8.5 High2025-10-22
CVE-2024-8860 WordPress plugin Tourfic 安全漏洞 — Tourfic – Travel Booking, Hotel Booking & Car Rental WordPress PluginCWE-862 4.3 Medium2025-08-26
CVE-2025-7689 WordPress plugin Hydra Booking 安全漏洞 — Hydra Booking – All in One Appointment Booking System | Appointment Scheduling, Booking Calendar & WooCommerce BookingsCWE-862 8.8 High2025-07-29
CVE-2025-6756 WordPress plugin Ultra Addons for Contact Form 跨站脚本漏洞 — Ultra Addons for Contact Form 7CWE-79 6.4 Medium2025-07-01
CVE-2025-6212 WordPress plugin Ultra Addons for Contact Form 跨站脚本漏洞 — Ultra Addons for Contact Form 7CWE-79 7.2 High2025-06-26
CVE-2025-6220 WordPress plugin Ultra Addons for Contact Form 代码问题漏洞 — Ultra Addons for Contact Form 7CWE-434 7.2 High2025-06-18
CVE-2025-49323 WordPress plugin Hydra Booking SQL注入漏洞 — Hydra BookingCWE-89 8.5 High2025-06-06
CVE-2025-47550 WordPress plugin Instantio 代码问题漏洞 — InstantioCWE-434 6.6 Medium2025-05-07
CVE-2025-47549 WordPress plugin BEAF 代码问题漏洞 — BEAFCWE-434 9.1 Critical2025-05-07
CVE-2025-24581 WordPress plugin Instantio 安全漏洞 — InstantioCWE-862 6.5 Medium2025-04-17
CVE-2025-39585 WordPress plugin Travelfic Toolkit 跨站脚本漏洞 — Travelfic ToolkitCWE-79 6.5 Medium2025-04-16
CVE-2025-24650 WordPress plugin Tourfic 代码问题漏洞 — TourficCWE-434 9.1 Critical2025-01-24
CVE-2023-47693 WordPress plugin Ultimate Addons for Contact Form 安全漏洞 — Ultimate Addons for Contact Form 7CWE-862 7.5 High2025-01-02
CVE-2024-12032 WordPress plugin Tourfic SQL注入漏洞 — Tourfic – Travel Booking, Hotel Booking & Car Rental WordPress PluginCWE-89 6.5 Medium2024-12-25
CVE-2024-8319 WordPress plugin Tourfic 跨站请求伪造漏洞 — Tourfic – Travel Booking, Hotel Booking & Car Rental WordPress PluginCWE-352 4.3 Medium2024-08-30
CVE-2024-32433 WordPress Plugin Ultimate Before After Image Slider & Gallery 跨站请求伪造漏洞 — BEAFCWE-352 4.3 Medium2024-04-15
CVE-2024-29134 WordPress Plugin Tourfic 跨站脚本漏洞 — TourficCWE-79 6.5 Medium2024-03-19
CVE-2024-29135 WordPress Plugin Tourfic 代码问题漏洞 — TourficCWE-434 9.9 Critical2024-03-19

本页汇总了 Themefic 厂商截至目前公开的全部 36 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。