目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

pickplugins 厂商漏洞列表 / CVE 中文分析 70

pickplugins 厂商相关 70 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

PickPlugins 是一款面向 WordPress 生态的插件管理平台,旨在简化插件的安装、更新及配置流程。截至最新统计,该平台已关联 70 条 CVE 漏洞记录。历史安全数据显示,其常见漏洞类型包括远程代码执行(RCE)、跨站脚本攻击(XSS)及权限绕过,多源于输入验证缺失或逻辑缺陷。部分版本曾存在未授权访问风险,建议用户及时升级至修复版本,并严格遵循最小权限原则以保障站点安全。

上位製品 pickplugins: Post Grid Job Board Manager Post Grid and Gutenberg Blocks Wishlist Accordion Question Answer Testimonial Slider User Verification by PickPlugins Product Designer Mail Picker PickPlugins Product Designer for WooCommerce Team Showcase Product Slider for WooCommerce Post Grid and Gutenberg Blocks – ComboBlocks User Verification PickPlugins Pricing Table Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins Related Posts By PickPlugins ComboBlocks Tabs & Accordion Accordions User profile Related Post Post Grid Combo – 36+ Gutenberg Blocks PickPlugins Product Slider for WooCommerce
CVE IDタイトルCVSS深刻度公開日
CVE-2024-1641 Accordion <= 2.2.96 - Missing Authorization to Authenticated(Contributor+) Post Duplication — AccordionsCWE-862 5.4 Medium2024-04-09
CVE-2024-31277 WordPress Product Designer plugin <= 1.0.32 - PHP Object Injection vulnerability — Product DesignerCWE-502 8.7 High2024-04-07
CVE-2024-30441 WordPress Combo Blocks plugin <= 2.2.74 - Reflected Cross Site Scripting (XSS) vulnerability — Post GridCWE-79 7.1 High2024-03-29
CVE-2024-29097 WordPress User profile plugin <= 2.0.20 - Subscriber+ Stored Cross Site Scripting (XSS) vulnerability — User profileCWE-79 6.3 Medium2024-03-19
CVE-2023-7072 Post Grid Combo – 36+ Gutenberg Blocks <= 2.2.68 - Information Exposure via get_posts API Endpoint — Post GridCWE-202 7.5 High2024-03-12
CVE-2023-51666 WordPress Related Post Plugin <= 2.0.53 is vulnerable to Cross Site Scripting (XSS) — Related PostCWE-79 6.5 Medium2024-02-01
CVE-2023-6645 Post Grid Combo – 36+ Gutenberg Blocks <= 2.2.64 - Authenticated (Contributor+) Cross-Site Scripting — Post GridCWE-79 6.4 Medium2024-01-11
CVE-2023-40211 WordPress Post Grid Plugin <= 2.2.50 is vulnerable to Sensitive Data Exposure — Post Grid Combo – 36+ Gutenberg BlocksCWE-200 7.5 High2023-11-30
CVE-2021-24300 PickPlugins Product Slider for WooCommerce < 1.13.22 - Reflected Cross-Site Scripting (XSS) — PickPlugins Product Slider for WooCommerceCWE-79 6.1 -2021-05-24
CVE-2021-24283 Accordion < 2.2.30 - Authenticated Reflected Cross-Site Scripting (XSS) — AccordionCWE-79 6.1 -2021-05-14

本页汇总了 pickplugins 厂商截至目前公开的全部 70 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。