| 漏洞ID | 标题 | 厂商 | 产品 | 风险等级 | CVSS 评分 | 发布日期 | AI 分析 |
|---|---|---|---|---|---|---|---|
| CVE-2026-8424 | Remove Yellow BGBOX 1.0 跨站请求伪造漏洞 | jay_patel | Remove Yellow BGBOX | 中危 | 4.3 | 2026-05-20 01:25:54 | 深度分析 |
| CVE-2026-8419 | Amazon Scraper 1.1 跨站请求伪造到存储型跨站脚本漏洞 | submone | Amazon Scraper | 中危 | 4.3 | 2026-05-20 01:25:54 | 深度分析 |
| CVE-2026-6394 | Nexa Blocks <= 1.1.1 未授权盲SSRF漏洞 | wpdive | Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE | 中危 | 5.4 | 2026-05-20 01:25:53 | 深度分析 |
| CVE-2026-5293 | 診断ジェネレータ作成プラグイン <= 1.4.16 保存型XSS漏洞 | olivesystem | 診断ジェネレータ作成プラグイン | 中危 | 6.4 | 2026-05-20 01:25:53 | 深度分析 |
| CVE-2026-7467 | Read More & Accordion <= 3.5.7 权限提升漏洞 | edmonparker | Read More & Accordion | 高危 | 8.8 | 2026-05-20 01:25:52 | 深度分析 |
| CVE-2026-6391 | Sentence To SEO <=1.0 设置页存储型XSS漏洞 | eazyserver | Sentence To SEO (keywords, description and tags) | 中危 | 6.1 | 2026-05-20 01:25:52 | 深度分析 |
| CVE-2026-8420 | BLOGCHAT Chat System <= 1.3.6.3 CSRF转存储XSS漏洞 | rdbeach | BLOGCHAT Chat System | 中危 | 6.1 | 2026-05-20 01:25:52 | 深度分析 |
| CVE-2026-7462 | VatanSMS WP SMS <=1.01 page参数反射型XSS漏洞 | vatanyazilim | VatanSMS WP SMS | 中危 | 6.1 | 2026-05-20 01:25:51 | 深度分析 |
| CVE-2026-6456 | Account Switcher ≤1.0.2 认证绕过权限提升漏洞 | beycanpress | Account Switcher | 高危 | 8.8 | 2026-05-20 01:25:51 | 深度分析 |
| CVE-2026-8423 | JaviBola Custom Theme Test <= 2.0.5 跨站请求伪造漏洞 | javibola | JaviBola Custom Theme Test | 中危 | 4.3 | 2026-05-20 01:25:50 | 深度分析 |
| CVE-2026-8610 | TypeSquare Webfonts for ConoHa <=2.0.4 认证用户越权修改插件设置漏洞 | conoha | TypeSquare Webfonts for ConoHa | 中危 | 4.3 | 2026-05-20 01:25:50 | 深度分析 |
| CVE-2026-8626 | SponsorMe <= 0.5.2 PHP_SELF参数反射型跨站脚本漏洞 | owencutajar | SponsorMe | 中危 | 6.1 | 2026-05-20 01:25:50 | 深度分析 |
| CVE-2026-6452 | Bigfishgames Syndicate ≤1.2 跨站请求伪造漏洞 | ktulhu | Bigfishgames Syndicate | 中危 | 4.3 | 2026-05-20 01:25:49 | 深度分析 |
| CVE-2026-8627 | Correct Prices <= 1.0 反射型跨站脚本漏洞 | lykich | Correct Prices | 中危 | 6.1 | 2026-05-20 01:25:49 | 深度分析 |
| CVE-2026-6404 | Anomify AI <= 0.3.6 存储型XSS漏洞 | simonholliday | Anomify AI – Anomaly Detection and Alerting | 中危 | 4.4 | 2026-05-20 01:25:48 | 深度分析 |
| CVE-2026-3985 | Creative Mail 1.6.9 未授权 SQL 注入漏洞 | constantcontact | Creative Mail – Easier WordPress & WooCommerce Email Marketing | 高危 | 7.5 | 2026-05-20 01:25:48 | 深度分析 |
| CVE-2026-7284 | Easy Elements for Elementor <=1.4.4 未授权权限提升漏洞 | themewant | Easy Elements for Elementor – Addons & Website Templates | 超危 | 9.8 | 2026-05-20 01:25:47 | 深度分析 |
| CVE-2026-8685 | Infility Global <= 2.15.16 订阅者SQL注入漏洞 | infility | Infility Global | 中危 | 6.5 | 2026-05-20 01:25:47 | 深度分析 |
| CVE-2026-6397 | Sticky <= 2.5.6 通过readmoretext属性导致存储型XSS漏洞 | cvmh | Sticky | 中危 | 6.4 | 2026-05-20 01:25:46 | 深度分析 |
| CVE-2026-8624 | LJ comments import <= 0.97.1 反射型XSS漏洞 | etspring | LJ comments import: reloaded | 中危 | 6.1 | 2026-05-20 01:25:46 | 深度分析 |