Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

漏洞数据库 - AI 增强中文 CVE 平台 与情报

浏览 85+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。

Clear Filters
Found 85 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-6203 User Registration & Membership <= 5.1.4 - Unauthenticated Open Redirect via 'redirect_to_on_logout' Parameter wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 6.1 2026-04-13 22:25:54 Deep Dive
CVE-2026-1865 User Registration & Membership <= 5.1.2 - Authenticated (Subscriber+) SQL Injection via membership_ids[] wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 6.5 2026-04-08 11:16:57 Deep Dive
CVE-2026-39605 WordPress Super Custom Login plugin <= 1.1 - Broken Access Control vulnerability ObadiahSuper Custom Login--2026-04-08 08:30:22 Deep Dive
CVE-2026-4056 User Registration & Membership <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Content Access Rule Manipulation wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 5.4 2026-03-23 23:25:50 Deep Dive
CVE-2026-1492 User Registration & Membership <= 5.1.2 - Unauthenticated Privilege Escalation via Membership Registration wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Critical 9.8 2026-03-03 04:33:21 Deep Dive
CVE-2026-2356 User Registration & Membership <= 5.1.2 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 5.3 2026-02-26 02:23:56 Deep Dive
CVE-2026-1779 User Registration & Membership <= 5.1.2 - Authentication Bypass wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder High 8.1 2026-02-26 02:23:56 Deep Dive
CVE-2025-14444 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.9 - Unauthenticated Payment Bypass via rm_process_paypal_sdk_payment metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Medium 5.3 2026-02-18 10:20:48 Deep Dive
CVE-2025-14975 Custom Login Page Customizer < 2.5.4 - Unauthenticated Arbitrary Password Reset UnknownCustom Login Page Customizer--2026-01-29 06:00:02 Deep Dive
CVE-2026-1054 RegistrationMagic <= 6.0.7.4 - Missing Authorization to Unauthenticated Arbitrary Settings Modification metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Medium 5.3 2026-01-28 07:27:35 Deep Dive
CVE-2025-15403 RegistrationMagic <= 6.0.7.1 - Unauthenticated Privilege Escalation via admin_order metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Critical 9.8 2026-01-17 02:22:32 Deep Dive
CVE-2025-14976 User Registration & Membership <= 4.4.8 - Cross-Site Request Forgery to Arbitrary Post Deletion wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 5.4 2026-01-10 08:22:57 Deep Dive
CVE-2025-49902 WordPress Login Page Customizer – Customizer Login Page, Admin Page, Custom Design plugin <= 2.1.1 - Broken Access Control vulnerability A WP LifeLogin Page Customizer &#8211; Customizer Login Page, Admin Page, Custom Design Medium 6.5 2025-12-18 07:21:44 Deep Dive
CVE-2025-13610 RegistrationMagic <= 6.0.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'RM_Forms' Shortcode metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Medium 6.4 2025-12-15 14:25:11 Deep Dive
CVE-2025-13367 User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin <= 4.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 6.4 2025-12-15 14:25:10 Deep Dive
CVE-2025-13408 Foxtool All-in-One: Contact chat button, Custom login, Media optimize images <= 2.5.2 - Cross-Site Request Forgery to Google OAuth Connection foxthemeFoxtool All-in-One: Contact chat button, Custom login, Media optimize images Medium 4.3 2025-12-12 03:20:44 Deep Dive
CVE-2025-12132 WP Custom Admin Login Page Logo <= 1.4.8.4 - Cross-Site Request Forgery to Settings Update larsactionheroWP Custom Admin Login Page Logo Medium 4.3 2025-11-11 03:30:41 Deep Dive
CVE-2017-20208 RegistrationMagic - Custom Registration Forms <= 3.7.9.2 - PHP Object Injection metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Critical 9.8 2025-10-18 03:33:25 Deep Dive
CVE-2025-11204 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.2 - Authenticated (Administrator+) SQL Injection metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login High 7.2 2025-10-08 04:23:40 Deep Dive
CVE-2025-58969 WordPress Custom Login URL Plugin <= 1.0.2 - Broken Access Control Vulnerability Greg WiniarskiCustom Login URL Medium 5.3 2025-09-22 18:26:10 Deep Dive