Browse 53+ CVE vulnerabilities from NVD and CNNVD, with AI Chinese translation, AI PoC generation, and daily intelligence; searchable by vendor, product, severity, and CWE.
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39691 | WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations plugin <= 2.2.13 - Broken Access Control vulnerability | AdAstraCrypto | Cryptocurrency Donation Box – Bitcoin & Crypto Donations | - | - | 2026-04-08 08:30:45 | Deep Dive |
| CVE-2026-3177 | Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.9.7 - Insufficient Verification of Data Authenticity to Unauthenticated Donation Status Forgery via Stripe Webhook | smub | Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More | Medium | 5.3 | 2026-04-07 07:40:14 | Deep Dive |
| CVE-2026-28115 | WordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin <= 1.25 - SQL Injection vulnerability | loopus | WP Attractive Donations System - Easy Stripe & Paypal donations | Medium | - | 2026-03-05 05:54:28 | Deep Dive |
| CVE-2025-22715 | WordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin <= 1.25 - Arbitrary Content Deletion vulnerability | loopus | WP Attractive Donations System - Easy Stripe & Paypal donations | High | 7.5 | 2026-01-08 09:17:40 | Deep Dive |
| CVE-2025-68602 | WordPress Accept Donations with PayPal plugin <= 1.5.2 - Open Redirection vulnerability | Scott Paterson | Accept Donations with PayPal & Stripe | Medium | 4.7 | 2025-12-24 13:10:47 | Deep Dive |
| CVE-2025-58999 | WordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin <= 1.25 - Cross Site Request Forgery (CSRF) vulnerability | loopus | WP Attractive Donations System - Easy Stripe & Paypal donations | - | - | 2025-12-16 08:12:47 | Deep Dive |
| CVE-2025-9322 | Stripe Payment Forms <= 8.3.1 - Unauthenticated SQL Injection | themeisle | Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions | High | 7.5 | 2025-10-25 06:49:23 | Deep Dive |
| CVE-2025-11893 | Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.8.4 - Authenticated (Subscriber+) SQL Injection | smub | Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More | Medium | 6.5 | 2025-10-25 06:49:22 | Deep Dive |
| CVE-2025-58956 | WordPress WP Attractive Donations System Plugin < 1.29 - Cross Site Request Forgery (CSRF) Vulnerability | loopus | WP Attractive Donations System | High | 7.1 | 2025-09-22 18:26:14 | Deep Dive |
| CVE-2025-57891 | WordPress Recurring PayPal Donations Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability | wpecommerce | Recurring PayPal Donations | Medium | 5.9 | 2025-08-22 11:59:57 | Deep Dive |
| CVE-2025-5275 | Charitable <= 1.8.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin's Privacy Settings | smub | Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More | Medium | 4.4 | 2025-06-26 02:22:22 | Deep Dive |
| CVE-2025-43837 | WordPress Total Donations <= 3.0.8 - Cross Site Scripting (XSS) Vulnerability | binti76 | Total Donations | High | 7.1 | 2025-05-19 18:20:34 | Deep Dive |
| CVE-2025-47517 | WordPress Accept Donations with PayPal plugin <= 1.4.5 - CSRF to Stored XSS vulnerability | Scott Paterson | Accept Donations with PayPal & Stripe | High | 7.1 | 2025-05-07 14:20:05 | Deep Dive |
| CVE-2024-13728 | Accept Donations with PayPal & Stripe <= 1.4.4 - Reflected Cross-Site Scripting | scottpaterson | Accept Donations with PayPal & Stripe | Medium | 6.1 | 2025-02-23 05:22:33 | Deep Dive |
| CVE-2024-13527 | Philantro – Donations and Donor Management <= 5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via donate Shortcode | philantro | Philantro – Donations and Donor Management | Medium | 6.4 | 2025-01-28 08:21:35 | Deep Dive |
| CVE-2024-11607 | GTPayment Donations <= 1.0.0 - Stored XSS via CSRF | Unknown | GTPayment Donations | Medium | - | 2024-12-21 06:00:07 | Deep Dive |
| CVE-2024-12500 | Philantro – Donations and Donor Management <= 5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | philantro | Philantro – Donations and Donor Management | Medium | 6.4 | 2024-12-18 02:24:11 | Deep Dive |
| CVE-2023-38475 | WordPress Donations Made Easy – Smart Donations plugin <= 4.0.12 - Broken Access Control vulnerability | EDGARROJAS | Donations Made Easy – Smart Donations | Medium | 4.3 | 2024-12-13 14:23:55 | Deep Dive |
| CVE-2024-11684 | Kudos Donations – Easy donations and payments with Mollie <= 3.2.9 - Reflected Cross-Site Scripting | iseardmedia | Kudos Donations: Easy Donations with Mollie \| One-off & Recurring \| PDF Invoices \| Buttons & Forms | Medium | 6.1 | 2024-11-28 08:47:36 | Deep Dive |
| CVE-2024-11685 | Kudos Donations – Easy donations and payments with Mollie <= 3.2.9 - Reflected Cross-Site Scripting via 'add_query_arg' | iseardmedia | Kudos Donations: Easy Donations with Mollie \| One-off & Recurring \| PDF Invoices \| Buttons & Forms | Medium | 6.1 | 2024-11-28 08:47:34 | Deep Dive |