目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

stellarwp 厂商漏洞列表 / CVE 中文分析 115

stellarwp 厂商相关 115 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

Stellarwp 是一家专注于 WordPress 生态系统的企业,其核心业务涵盖高端主题开发及 Elementor 等知名插件的维护。鉴于其广泛的用户基数,该厂商历史上频繁遭遇远程代码执行、跨站脚本及越权访问等高危漏洞。其安全动态备受业界关注,特别是因收录多达 115 条 CVE 记录,凸显了复杂插件架构下的供应链风险。这些漏洞多源于代码审计疏漏,提醒开发者需强化输入验证与权限控制机制。

Top products by stellarwp: GiveWP – Donation Plugin and Fundraising Platform Kadence Blocks — Page Builder Toolkit for Gutenberg Editor The Events Calendar GiveWP Membership Plugin – Restrict Content LearnDash LMS Event Tickets and Registration Gutenberg Blocks by Kadence Blocks WPComplete Kadence WooCommerce Email Designer Event Tickets Bookit — Booking & Appointment Calendar Restrict Content LearnDash LMS – Reports Give – Divi Donation Modules Virtue iThemes Sync Image Widget
CVE ID标题CVSS风险等级Published
CVE-2026-42643 WordPress Plugin Image Widget 跨站脚本漏洞 — Image WidgetCWE-79 5.9 Medium2026-04-29
CVE-2026-42642 WordPress Plugin GiveWP 安全漏洞 — GiveWPCWE-862 5.3 Medium2026-04-29
CVE-2026-2826 WordPress plugin Kadence Blocks — Page Builder Toolkit for Gutenberg Editor 安全漏洞 — Kadence Blocks — Page Builder Toolkit for Gutenberg EditorCWE-862 4.3 Medium2026-04-04
CVE-2026-32546 WordPress plugin Restrict Content 安全漏洞 — Restrict ContentCWE-862 7.5 High2026-03-25
CVE-2026-3079 WordPress plugin LearnDash LMS SQL注入漏洞 — LearnDash LMSCWE-89 6.5 Medium2026-03-24
CVE-2026-4136 WordPress plugin Membership Plugin – Restrict Content 授权问题漏洞 — Membership Plugin – Restrict ContentCWE-640 4.3 Medium2026-03-20
CVE-2026-3585 WordPress plugin The Events Calendar 路径遍历漏洞 — The Events CalendarCWE-22 7.5 High2026-03-10
CVE-2026-1321 WordPress plugin Membership Plugin – Restrict Content 安全漏洞 — Membership Plugin – Restrict ContentCWE-862 8.1 High2026-03-05
CVE-2026-2694 WordPress plugin The Events Calendar 授权问题漏洞 — The Events CalendarCWE-285 5.4 Medium2026-02-25
CVE-2026-27056 WordPress plugin iThemes Sync 安全漏洞 — iThemes SyncCWE-862 4.3 Medium2026-02-19
CVE-2026-2633 WordPress plugin Gutenberg Blocks with AI by Kadence WP 安全漏洞 — Kadence Blocks — Page Builder Toolkit for Gutenberg EditorCWE-862 4.3 Medium2026-02-18
CVE-2026-1857 WordPress plugin Gutenberg Blocks with AI by Kadence WP 代码问题漏洞 — Kadence Blocks — Page Builder Toolkit for Gutenberg EditorCWE-918 4.3 Medium2026-02-18
CVE-2026-1304 WordPress plugin Membership Plugin – Restrict Content for WordPress 跨站脚本漏洞 — Membership Plugin – Restrict ContentCWE-79 4.4 Medium2026-02-18
CVE-2026-2608 WordPress plugin Kadence Blocks — Page Builder Toolkit for Gutenberg Editor 安全漏洞 — Kadence Blocks — Page Builder Toolkit for Gutenberg EditorCWE-862 4.3 Medium2026-02-17
CVE-2025-15043 WordPress plugin The Events Calendar 安全漏洞 — The Events CalendarCWE-862 5.4 Medium2026-01-20
CVE-2025-14844 WordPress plugin Membership Plugin – Restrict Content 安全漏洞 — Membership Plugin – Restrict ContentCWE-639 8.2 High2026-01-16
CVE-2025-69352 WordPress plugin The Events Calendar 安全漏洞 — The Events CalendarCWE-862 5.4 Medium2026-01-06
CVE-2025-14000 WordPress plugin Membership Plugin – Restrict Content 跨站脚本漏洞 — Membership Plugin – Restrict ContentCWE-79 6.4 Medium2025-12-23
CVE-2025-67467 WordPress plugin GiveWP 跨站请求伪造漏洞 — GiveWPCWE-352 5.4 Medium2025-12-09
CVE-2025-66533 WordPress plugin GiveWP 代码注入漏洞 — GiveWPCWE-94 6.5 Medium2025-12-09
CVE-2025-13387 WordPress plugin Kadence WooCommerce Email Designer 跨站脚本漏洞 — Kadence WooCommerce Email DesignerCWE-79 7.2 High2025-12-02
CVE-2025-13206 WordPress plugin GiveWP – Donation Plugin and Fundraising Platform 跨站脚本漏洞 — GiveWP – Donation Plugin and Fundraising PlatformCWE-79 7.2 High2025-11-19
CVE-2025-12633 WordPress plugin Booking Calendar | Appointment Booking | Bookit 安全漏洞 — Bookit — Booking & Appointment CalendarCWE-862 7.5 High2025-11-12
CVE-2025-12192 WordPress plugin The Events Calendar 安全漏洞 — The Events CalendarCWE-697 5.3 Medium2025-11-05
CVE-2025-12197 WordPress plugin The Events Calendar SQL注入漏洞 — The Events CalendarCWE-89 7.5 High2025-11-05
CVE-2025-12175 WordPress plugin The Events Calendar 安全漏洞 — The Events CalendarCWE-862 4.3 Medium2025-10-31
CVE-2025-62027 WordPress plugin Event Tickets 安全漏洞 — Event TicketsCWE-862 5.4 Medium2025-10-22
CVE-2025-49906 WordPress plugin WPComplete 安全漏洞 — WPCompleteCWE-862 5.3 Medium2025-10-22
CVE-2025-11517 WordPress plugin Event Tickets and Registration 安全漏洞 — Event Tickets and RegistrationCWE-639 7.5 High2025-10-18
CVE-2025-11228 WordPress plugin GiveWP 安全漏洞 — GiveWP – Donation Plugin and Fundraising PlatformCWE-862 5.3 Medium2025-10-04

本页汇总了 stellarwp 厂商截至目前公开的全部 115 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。