浏览 39+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2712 | WP-Optimize <= 4.5.0 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update and Image Manipulation | davidanderson | WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance | Medium | 5.4 | 2026-04-10 01:24:58 | Deep Dive |
| CVE-2026-3381 | Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib | PMQS | Compress::Raw::Zlib | 高危 | - | 2026-03-05 01:28:48 | Deep Dive |
| CVE-2026-25370 | WordPress WP Compress plugin <= 6.60.28 - Broken Access Control vulnerability | AresIT | WP Compress | Medium | 5.3 | 2026-02-19 08:27:00 | Deep Dive |
| CVE-2025-68859 | WordPress Syntax Highlighter Compress plugin <= 3.0.83.3 - Reflected Cross Site Scripting (XSS) vulnerability | agmorpheus | Syntax Highlighter Compress | - | - | 2026-01-22 16:52:10 | Deep Dive |
| CVE-2025-64639 | WordPress WP Compress for MainWP plugin <= 6.50.17 - Broken Access Control vulnerability | WP Compress | WP Compress for MainWP | Medium | 5.3 | 2025-12-16 08:12:52 | Deep Dive |
| CVE-2025-57899 | WordPress WP Compress Plugin <= 6.50.54 - Broken Access Control Vulnerability | AresIT | WP Compress | Medium | 5.3 | 2025-09-22 18:25:29 | Deep Dive |
| CVE-2025-8889 | Compress Then Upload < 1.0.5 - Admin+ Arbitrary File Upload | Unknown | Compress & Upload | - | - | 2025-09-09 06:00:08 | Deep Dive |
| CVE-2025-47479 | WordPress WP Compress plugin <= 6.30.30 - Broken Authentication Vulnerability | AresIT | WP Compress | Medium | 5.3 | 2025-07-04 11:18:05 | Deep Dive |
| CVE-2025-30932 | WordPress WP Compress for MainWP plugin <= 6.30.32 - Broken Access Control Vulnerability | WP Compress | WP Compress for MainWP | Medium | 5.4 | 2025-06-06 12:54:18 | Deep Dive |
| CVE-2020-36846 | IO::Compress::Brotli versions prior to 0.007 for Perl have an integer overflow in the bundled Brotli C library | TIMLEGGE | IO::Compress::Brotli | - | - | 2025-05-30 00:50:29 | Deep Dive |
| CVE-2025-47546 | WordPress WP Compress plugin <= 6.30.30 - Cross Site Request Forgery (CSRF) Vulnerability | AresIT | WP Compress | High | 7.1 | 2025-05-07 14:20:18 | Deep Dive |
| CVE-2025-31788 | WordPress AIO Performance Profiler, Monitor, Optimize, Compress & Debug plugin <= 1.3 - Sensitive Data Exposure vulnerability | Smackcoders Inc., | AIO Performance Profiler, Monitor, Optimize, Compress & Debug | Medium | 5.3 | 2025-04-01 14:51:29 | Deep Dive |
| CVE-2025-31076 | WordPress WP Compress for MainWP plugin <= 6.30.03 - Server Side Request Forgery (SSRF) vulnerability | WP Compress | WP Compress for MainWP | Medium | 4.9 | 2025-03-28 09:39:57 | Deep Dive |
| CVE-2025-22647 | WordPress AIO Performance Profiler plugin <= 1.2 - Broken Access Control vulnerability | Smackcoders Inc., | AIO Performance Profiler, Monitor, Optimize, Compress & Debug | Medium | 4.3 | 2025-03-27 15:07:25 | Deep Dive |
| CVE-2025-2110 | WP Compress <= 6.30.15 - Authenticated (Subscriber+) Missing Authorization via Multiple Functions | aresit | WP Compress – Instant Performance & Speed Optimization | High | 8.8 | 2025-03-26 11:22:09 | Deep Dive |
| CVE-2025-2109 | WP Compress <= 6.30.15 - Unauthenticated Server-Side Request Forgery via init Function | aresit | WP Compress – Instant Performance & Speed Optimization | Medium | 5.8 | 2025-03-25 11:12:09 | Deep Dive |
| CVE-2024-12047 | WP Compress – Instant Performance & Speed Optimization <= 6.30.03 - Reflected Cross-Site Scripting via custom_server Parameter | aresit | WP Compress – Instant Performance & Speed Optimization | Medium | 6.1 | 2025-01-04 07:24:23 | Deep Dive |
| CVE-2024-47384 | WordPress WP Compress plugin <= 6.20.13 - Reflected Cross Site Scripting (XSS) vulnerability | AresIT | WP Compress | High | 7.1 | 2024-10-05 14:53:26 | Deep Dive |
| CVE-2023-3352 | Smush – Lazy Load Images, Optimize & Compress Images <= 3.16.4 - Missing Authorization to Resmush List Deletion | wpmudev | Smush – Image Optimization, Compression, Lazy Load, WebP & CDN | Medium | 4.3 | 2024-06-21 02:05:44 | Deep Dive |
| CVE-2024-4445 | WP Compress – Image Optimizer [All-In-One] <= 6.20.01 - Missing Authorization | aresit | WP Compress – Instant Performance & Speed Optimization | Medium | 6.5 | 2024-05-14 05:33:00 | Deep Dive |