浏览 36+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-11373 | Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload | averta | Depicter — Popup & Slider Builder | Medium | 4.3 | 2025-11-05 06:35:01 | Deep Dive |
| CVE-2025-7342 | VM images built with Kubernetes Image Builder Nutanix or OVA providers use default credentials for Windows images if user did not override | Kubernetes | Image Builder | High | 7.5 | 2025-08-17 23:03:57 | Deep Dive |
| CVE-2025-2011 | Slider & Popup Builder by Depicter <= 3.6.1 - Unauthenticated SQL Injection via 's' Parameter | averta | Depicter — Popup & Slider Builder | High | 7.5 | 2025-05-06 09:21:49 | Deep Dive |
| CVE-2025-46484 | WordPress Image Hover Effects For WPBakery Page Builder plugin <= 2.0 - Cross Site Scripting (XSS) Vulnerability | nasir179125 | Image Hover Effects For WPBakery Page Builder | Medium | 6.5 | 2025-04-24 16:08:50 | Deep Dive |
| CVE-2024-4633 | Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel <= 3.2.1- Authenticated (Author+) Stored Cross-Site Scripting | averta | Depicter — Popup & Slider Builder | Medium | 6.4 | 2024-12-06 13:45:20 | Deep Dive |
| CVE-2024-9584 | Image Map Pro <= 6.0.20 - Missing Authorization to Authenticated (Contributor+) Map Project Add/Update/Delete | imagemappro | Image Map Pro – Drag-and-drop Builder for Interactive Images | Medium | 5.4 | 2024-10-25 17:32:20 | Deep Dive |
| CVE-2024-9585 | Image Map Pro <= 6.0.20 - Authenticated (Contributor+) Stored Cross-Site Scripting | imagemappro | Image Map Pro – Drag-and-drop Builder for Interactive Images | Medium | 6.4 | 2024-10-25 17:32:19 | Deep Dive |
| CVE-2024-9594 | VM images built with Image Builder with some providers use default credentials during builds | Kubernetes | Image Builder | Medium | 6.3 | 2024-10-15 20:37:01 | Deep Dive |
| CVE-2024-9486 | VM images built with Image Builder and Proxmox provider use default credentials | Kubernetes | Image Builder | Critical | 9.8 | 2024-10-15 20:33:43 | Deep Dive |
| CVE-2024-4389 | Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel <= 3.1.1 - Authenticated (Contributor+) Arbitrary File Upload | averta | Depicter — Popup & Slider Builder | High | 8.8 | 2024-08-14 08:29:44 | Deep Dive |
| CVE-2024-4390 | Depicter <= 3.0.2 - Authenticated (Contributor+) Arbitrary Nonce Generation | averta | Depicter — Popup & Slider Builder | Medium | 6.5 | 2024-06-20 03:37:23 | Deep Dive |
| CVE-2023-46823 | WordPress ImageLinks Interactive Image Builder Plugin <= 1.5.4 is vulnerable to SQL Injection | Avirtum | ImageLinks Interactive Image Builder for WordPress | 高危 | - | 2023-11-06 09:15:09 | Deep Dive |
| CVE-2023-3412 | Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite <= 1.0.0 - Missing Authorization to Stored Cross-Site Scripting | webcraftplugins | Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite | Medium | 6.4 | 2023-06-27 03:28:28 | Deep Dive |
| CVE-2023-3411 | Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | webcraftplugins | Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite | Medium | 6.1 | 2023-06-27 03:28:27 | Deep Dive |
| CVE-2023-3055 | Page Builder by AZEXO <= 1.27.133 - Cross-Site Request Forgery to Stored Cross-Site Scripting via azh_save | azexo | Page Builder with Image Map by AZEXO | Medium | 6.1 | 2023-06-02 23:37:56 | Deep Dive |
| CVE-2023-3053 | Page Builder by AZEXO <= 1.27.133 - Missing Authorization to Post Creation | azexo | Page Builder with Image Map by AZEXO | Medium | 5.4 | 2023-06-02 23:37:56 | Deep Dive |
| CVE-2023-3052 | Page Builder by AZEXO <= 1.27.133 - Cross-Site Request Forgery to Post Creation/Modification/Deletion | azexo | Page Builder with Image Map by AZEXO | Medium | 6.3 | 2023-06-02 23:37:56 | Deep Dive |
| CVE-2023-3051 | Page Builder by AZEXO <= 1.27.133 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | azexo | Page Builder with Image Map by AZEXO | Medium | 6.4 | 2023-06-02 23:37:55 | Deep Dive |
| CVE-2022-45846 | WordPress Image Map Pro Plugin < 5.6.9 is vulnerable to Cross Site Request Forgery (CSRF) | Nickys | Image Map Pro for WordPress - Interactive SVG Image Map Builder | Medium | 5.4 | 2023-05-10 11:08:51 | Deep Dive |
| CVE-2023-0399 | Image Over Image For WPBakery Page Builder < 3.0 - Contributor+ Stored XSS | Unknown | Image Over Image For WPBakery Page Builder | 中危 | - | 2023-04-03 14:38:29 | Deep Dive |