浏览 73+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-32346 | WordPress Travel Agency theme <= 1.5.5 - Broken Access Control vulnerability | raratheme | Travel Agency | 中危 | - | 2026-03-13 11:41:58 | Deep Dive |
| CVE-2019-25536 | Netartmedia PHP Real Estate Agency 4.0 SQL Injection via features parameter | Netartmedia | Netartmedia PHP Real Estate Agency | High | 8.2 | 2026-03-12 15:37:07 | Deep Dive |
| CVE-2026-27098 | WordPress Au Pair Agency - Babysitting & Nanny Theme theme <= 1.2.2 - Deserialization of untrusted data vulnerability | axiomthemes | Au Pair Agency - Babysitting & Nanny Theme | 中危 | - | 2026-03-05 05:53:50 | Deep Dive |
| CVE-2026-2009 | SourceCodester Gas Agency Management System createUser.php access control | SourceCodester | Gas Agency Management System | Medium | 6.3 | 2026-02-06 07:32:09 | Deep Dive |
| CVE-2025-49349 | WordPress Reuters Direct plugin <= 3.0.0 - Broken Access Control vulnerability | Reuters News Agency | Reuters Direct | Medium | 5.3 | 2025-12-31 14:48:34 | Deep Dive |
| CVE-2025-13546 | ashraf-kabir travel-agency Search results.php sql injection | ashraf-kabir | travel-agency | Medium | 6.3 | 2025-11-23 10:32:06 | Deep Dive |
| CVE-2025-13545 | ashraf-kabir travel-agency index.php sql injection | ashraf-kabir | travel-agency | Medium | 4.7 | 2025-11-23 10:02:05 | Deep Dive |
| CVE-2025-13544 | ashraf-kabir travel-agency customer_register.php unrestricted upload | ashraf-kabir | travel-agency | Medium | 6.3 | 2025-11-23 09:02:06 | Deep Dive |
| CVE-2025-10295 | Angel – Fashion Model Agency WordPress CMS Theme <= 3.2.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting | kayapati | Angel – Fashion Model Agency WordPress CMS Theme | Medium | 6.4 | 2025-11-13 08:27:47 | Deep Dive |
| CVE-2025-58965 | WordPress Fusion Page Builder : Extension – Gallery Plugin <= 1.7.6 - Cross Site Scripting (XSS) Vulnerability | Agency Dominion Inc. | Fusion Page Builder : Extension – Gallery | Medium | 6.5 | 2025-09-22 18:26:11 | Deep Dive |
| CVE-2025-5938 | Digital Marketing and Agency Templates Addons for Elementor <= 1.1.1 - Cross-Site Request Forgery to Import | themebon | Digital Marketing and Agency Templates Addons for Elementor | Medium | 5.3 | 2025-06-13 01:47:51 | Deep Dive |
| CVE-2025-31052 | WordPress The Fashion - Model Agency One Page Beauty Theme plugin <= 1.4.4 - Deserialization of untrusted data Vulnerability | themeton | The Fashion - Model Agency One Page Beauty Theme | Critical | 9.8 | 2025-06-09 15:56:46 | Deep Dive |
| CVE-2025-39513 | WordPress ActiveDEMAND plugin <= 0.2.46 - Broken Access Control vulnerability | ActiveDEMAND Online Agency Marketing Automation | ActiveDEMAND | Medium | 5.3 | 2025-04-16 12:45:54 | Deep Dive |
| CVE-2025-31863 | WordPress Agency Toolkit plugin <= 1.0.24 - Broken Access Control vulnerability | inspry | Agency Toolkit | Medium | 5.3 | 2025-04-01 14:52:07 | Deep Dive |
| CVE-2025-31549 | WordPress Fusion plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability | Agency Dominion Inc. | Fusion | Medium | 6.5 | 2025-03-31 12:55:16 | Deep Dive |
| CVE-2024-10633 | Quiz Maker Business, Developer, and Agency <= (Multiple Versions) - Unauthenticated Arbitrary Shortcode Execution via content | AYS Pro Plugins | Quiz Maker Developer | High | 7.3 | 2025-01-26 05:24:16 | Deep Dive |
| CVE-2024-10574 | Quiz Maker Business, Developer, and Agency <= (Multiple Versions) - Missing Authorization to Google Sheets Integration Credentials Modification and Stored Cross-Site Scripting | AYS Pro Plugins | Quiz Maker Developer | High | 7.2 | 2025-01-26 05:24:15 | Deep Dive |
| CVE-2024-10628 | Quiz Maker Business, Developer, and Agency <= (Multiple Versions) - Unauthenticated SQL Injection via id | AYS Pro Plugins | Quiz Maker Business | High | 7.5 | 2025-01-26 05:24:15 | Deep Dive |
| CVE-2024-10636 | Quiz Maker Business, Developer, and Agency <= (Multiple Versions) - Reflected DOM-Based Cross-Site Scripting via content | AYS Pro Plugins | Quiz Maker Developer | Medium | 6.1 | 2025-01-26 05:24:14 | Deep Dive |
| CVE-2024-37451 | WordPress Travel Agency theme <= 1.4.9 - Cross Site Request Forgery (CSRF) vulnerability | raratheme | Travel Agency | Medium | 4.3 | 2025-01-02 12:00:53 | Deep Dive |