目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

wpdevteam 厂商漏洞列表 / CVE 中文分析 91

wpdevteam 厂商相关 91 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

wpdevteam 主要提供 WordPress 相关插件与主题开发服务。截至最新统计,其项目已收录 91 条 CVE,历史漏洞多集中于跨站脚本(XSS)、任意文件读取及未授权访问等类型,反映出输入验证与权限控制方面的不足。部分高危漏洞曾导致数据泄露风险,建议用户及时更新组件并严格审查第三方插件来源,以规避潜在的安全隐患。

上位製品 wpdevteam: Essential Addons for Elementor – Popular Elementor Templates & Widgets Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor Essential Blocks Pro SchedulePress – Auto Post & Publish, Auto Social Share, Schedule Posts with Editorial Calendar & Missed Schedule Post Publisher Templately – Elementor & Gutenberg Template Library: 6500+ Free & Pro Ready Templates And Cloud!
CVE IDタイトルCVSS深刻度公開日
CVE-2024-8440 Essential Addons for Elementor -- Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-09-11
CVE-2024-7092 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via no_more_items_text Parameter — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-08-13
CVE-2024-6557 SchedulePress <= 5.1.3 - Unauthenticated Full Path Disclosure — SchedulePress – Auto Post & Publish, Auto Social Share, Schedule Posts with Editorial Calendar & Missed Schedule Post PublisherCWE-200 5.3 Medium2024-07-16
CVE-2024-1565 EmbedPress <= 3.9.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via PDF Widget URL — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2024-06-13
CVE-2024-5189 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.23 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-06-11
CVE-2024-5188 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.22 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-06-06
CVE-2024-5571 EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2024-06-05
CVE-2024-5073 Essential Addons for Elementor <= 5.9.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Feed — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-30
CVE-2024-1803 EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Insufficient Authorization Checks to Block Usual — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-285 4.3 Medium2024-05-23
CVE-2024-4891 Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.12 - Authenticated (Contributor+) Stored Cross-Site Scripting — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & PatternsCWE-79 6.4 Medium2024-05-18
CVE-2024-4624 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.20 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-14
CVE-2024-4275 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Interactive Circles' — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-10
CVE-2024-4449 Essential Addons for Elementor <= 5.9.19 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Several Widgets — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-10
CVE-2024-4448 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table' — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-10
CVE-2024-4316 EmbedPress Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2024-05-09
CVE-2024-3728 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery & Interactive Circle — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-02
CVE-2024-4156 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.17 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-05-02
CVE-2024-4003 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-20 6.4 Medium2024-05-02
CVE-2024-3733 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Information Exposure — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-200 5.3 Medium2024-04-25
CVE-2024-3818 Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.9 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting via "Social Icons" Block — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & PatternsCWE-79 5.4 Medium2024-04-19
CVE-2024-3333 Essential Addons for Elementor <= 5.9.14 - Authenticated (Contributor+) Store Cross-Site Scripting via Widget URL Attribute — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-04-17
CVE-2024-2623 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-79 6.4 Medium2024-04-09
CVE-2024-2974 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.13 - Unauthenticated Sensitive Information Exposure — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-200 5.3 Medium2024-04-09
CVE-2024-3244 EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2024-04-09
CVE-2024-2650 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-20 6.4 Medium2024-04-09
CVE-2024-2845 BetterDocs – Best Documentation, FAQ & Knowledge Base Plugin with AI Support & Instant Answer For Elementor & Gutenberg <= 3.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block EditorCWE-79 6.4 Medium2024-04-09
CVE-2024-3245 EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Youtube Block — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2024-04-06
CVE-2024-3018 Essential Addons for Elementor <= 5.9.13 - Authenticated (Author+) PHP Object Injection via error_resetpassword — Essential Addons for Elementor – Popular Elementor Templates & WidgetsCWE-502 8.8 High2024-03-30
CVE-2024-2468 EmbedPress <= 3.9.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Widget Attribute — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 6.4 Medium2024-03-23
CVE-2024-2688 EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Authenticated (Contributor+) Stored Cross-site Scripting via 'embedpress_doc_custom_color' — EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & moreCWE-79 5.4 Medium2024-03-23

本页汇总了 wpdevteam 厂商截至目前公开的全部 91 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。