浏览 25+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-32483 | WordPress Contact Form Email plugin <= 1.3.63 - Broken Access Control vulnerability | codepeople | Contact Form Email | 中危 | - | 2026-03-25 16:14:58 | Deep Dive |
| CVE-2025-10019 | WordPress Contact Form Email plugin <= 1.3.60 - Insecure Direct Object References (IDOR) vulnerability | codepeople | Contact Form Email | Medium | 6.5 | 2025-12-18 07:21:40 | Deep Dive |
| CVE-2025-64369 | WordPress Contact Form Email plugin <= 1.3.58 - Broken Access Control vulnerability | codepeople | Contact Form Email | 中危 | - | 2025-11-13 09:24:33 | Deep Dive |
| CVE-2025-11975 | FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) <= 1.1.23.0 - Missing Authorization to Authenticated (Subscriber+) Sync Rule Creation | fusewp | FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) | Medium | 4.3 | 2025-10-31 02:26:04 | Deep Dive |
| CVE-2025-11976 | FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) <= 1.1.23.0 - Cross-Site Request Forgery to Sync Rule Creation | fusewp | FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) | Medium | 4.3 | 2025-10-25 06:49:25 | Deep Dive |
| CVE-2025-1450 | Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty <= 3.3.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | premio | Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty | Medium | 6.4 | 2025-02-27 09:21:49 | Deep Dive |
| CVE-2024-13467 | WP Contact Form7 Email Spam Blocker <= 1.0.0 - Reflected Cross-Site Scripting | hk1993 | WP Contact Form7 Email Spam Blocker | Medium | 6.1 | 2025-01-25 07:24:17 | Deep Dive |
| CVE-2025-24727 | WordPress Contact Form to Email Plugin <= 1.3.52 - Cross Site Scripting (XSS) vulnerability | codepeople | Contact Form Email | Medium | 5.9 | 2025-01-24 17:25:09 | Deep Dive |
| CVE-2024-13256 | Email Contact - Moderately critical - Access bypass - SA-CONTRIB-2024-020 | Drupal | Email Contact | 中危 | - | 2025-01-09 19:03:48 | Deep Dive |
| CVE-2024-10898 | Contact Form 7 Email Add on <= 1.9 - Authenticated (Contributor+) Local File Inclusion | krishaweb | Email addon for CF7 | High | 8.8 | 2024-11-21 02:06:46 | Deep Dive |
| CVE-2024-4149 | Floating Chat Widget < 3.2.3 - Admin+ Stored XSS | Unknown | Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button | - | - | 2024-06-13 06:00:03 | Deep Dive |
| CVE-2023-48318 | WordPress Contact Form Email plugin <= 1.3.41 - Captcha Bypass vulnerability | CodePeople | Contact Form Email | Medium | 5.3 | 2024-06-04 10:26:33 | Deep Dive |
| CVE-2023-28494 | WordPress Contact Form Email plugin <= 1.3.31 - Missing Authorization Leading To Feedback Submission Vulnerability | CodePeople | Contact Form Email | Medium | 4.3 | 2024-06-04 07:06:02 | Deep Dive |
| CVE-2024-2972 | Floating Chat Widget < 3.1.9 - Editor+ Stored XSS | Unknown | Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button | 中危 | - | 2024-04-24 05:00:03 | Deep Dive |
| CVE-2024-31302 | WordPress Contact Form Email plugin <= 1.3.44 - Sensitive Data Exposure vulnerability | CodePeople | Contact Form Email | Medium | 5.3 | 2024-04-10 15:32:41 | Deep Dive |
| CVE-2024-0898 | Chat Bubble <= 2.3 - Authenticated (Administrator+) Stored Cross-Site Scripting | bluecoral | Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back | Medium | 4.4 | 2024-03-13 15:27:09 | Deep Dive |
| CVE-2023-48769 | WordPress Chat Bubble Plugin <= 2.3 is vulnerable to Cross Site Request Forgery (CSRF) | Blue Coral | Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back | Medium | 4.3 | 2023-12-18 21:57:08 | Deep Dive |
| CVE-2023-5955 | Contact Form Email < 1.3.44 - Editor+ Stored Cross-Site Scripting | Unknown | Contact Form Email | - | - | 2023-12-11 19:30:27 | Deep Dive |
| CVE-2023-4961 | Poptin <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | poptin | Poptin – Exit Pop Ups & Email Popups | Medium | 6.4 | 2023-10-20 07:29:22 | Deep Dive |
| CVE-2023-3245 | Floating Chat Widget < 3.1.2 - Admin+ Stored Cross-Site Scripting | Unknown | Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button | 中危 | - | 2023-07-17 13:29:56 | Deep Dive |