浏览 54+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-22337 | WordPress Directorist Social Login plugin < 2.1.4 - Privilege Escalation vulnerability | Directorist | Directorist Social Login | Critical | 9.8 | 2026-04-27 10:31:04 | Deep Dive |
| CVE-2025-68998 | WordPress Heateor Social Login plugin <= 1.1.39 - Cross Site Request Forgery (CSRF) vulnerability | Heateor Support | Heateor Social Login | Medium | 5.4 | 2025-12-30 10:47:52 | Deep Dive |
| CVE-2025-68974 | WordPress WordPress Social Login and Register plugin <= 7.7.0 - Local File Inclusion vulnerability | miniOrange | WordPress Social Login and Register | Medium | 6.6 | 2025-12-30 10:47:48 | Deep Dive |
| CVE-2025-13620 | Wp Social Login and Register Social Counter <= 3.1.3 - Missing Authorization in Cache REST Endpoints to Social Counter Tampering | roxnor | Wp Social Login and Register Social Counter | Medium | 5.3 | 2025-12-05 10:57:56 | Deep Dive |
| CVE-2025-13737 | Nextend Social Login and Register <= 3.1.21 - Cross-Site Request Forgery to Unlink User Social Login | nextendweb | Nextend Social Login and Register | Medium | 4.3 | 2025-11-28 03:27:06 | Deep Dive |
| CVE-2025-10140 | Quick Social Login <= 1.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | andreiigna | Quick Social Login | Medium | 6.4 | 2025-10-15 08:26:00 | Deep Dive |
| CVE-2025-9857 | Heateor Login – Social Login Plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting | heateor | Heateor Login – Social Login Plugin | Medium | 6.4 | 2025-09-10 06:38:51 | Deep Dive |
| CVE-2025-47670 | WordPress Social Login and Register plugin <= 7.6.10 - Local File Inclusion Vulnerability | miniOrange | WordPress Social Login and Register | High | 8.1 | 2025-05-23 12:43:22 | Deep Dive |
| CVE-2025-39472 | WordPress WooCommerce Social Login plugin < 2.8.3 - Cross Site Request Forgery (CSRF) vulnerability | wpweb | WooCommerce Social Login | Medium | 4.3 | 2025-04-16 17:15:50 | Deep Dive |
| CVE-2024-11087 | miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon <= 200.3.9 - Authentication Bypass | cyberlord92 | miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) | High | 8.1 | 2025-03-08 07:04:55 | Deep Dive |
| CVE-2025-1506 | Wp Social Login and Register Social Counter <= 3.1.0 - Cross-Site Request Forgery to Settings Update | roxnor | Wp Social Login and Register Social Counter | Medium | 4.3 | 2025-02-28 05:23:16 | Deep Dive |
| CVE-2025-1717 | Login Me Now <= 1.7.2 - Authentication Bypass | pluginly | Login Me Now – Passwordless, Magic Link, OTP & Social Login for WordPress | High | 8.1 | 2025-02-27 07:23:13 | Deep Dive |
| CVE-2025-1061 | Nextend Social Login Pro <= 3.1.16 - Authentication Bypass via Apple OAuth provider | nextendweb | Nextend Social Login Pro | Critical | 9.8 | 2025-02-07 01:41:10 | Deep Dive |
| CVE-2024-13230 | Social Share, Social Login and Social Comments Plugin – Super Socializer <= 7.14 - Unauthenticated Limited SQL Injection via 'SuperSocializerKey' | the_champ | Social Share, Social Login and Social Comments Plugin – Super Socializer | Medium | 5.3 | 2025-01-21 11:09:46 | Deep Dive |
| CVE-2023-24375 | WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 - Broken Access Control vulnerability | miniOrange | WordPress Social Login and Register | Low | 3.5 | 2024-12-09 11:31:41 | Deep Dive |
| CVE-2023-25455 | WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.6.0 - Arbitrary Content Deletion vulnerability | miniOrange | WordPress Social Login and Register | Medium | 5.3 | 2024-12-09 11:31:33 | Deep Dive |
| CVE-2024-11293 | Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login <= 1.7.9 - Authentication Bypass via WordPress.com OAuth provider | Genetech Solutions | Pie Register - Social Sites Login (Add on) | High | 8.1 | 2024-12-04 07:32:26 | Deep Dive |
| CVE-2024-10961 | Social Login <= 5.9.0 - Authentication Bypass via Disqus OAuth provider | claudeschlesser | Social Login | Critical | 9.8 | 2024-11-23 03:25:48 | Deep Dive |
| CVE-2024-9946 | Social Share, Social Login and Social Comments Plugin – Super Socializer <= 7.13.68 - Authentication Bypass via Disqus OAuth provider | the_champ | Social Share, Social Login and Social Comments Plugin – Super Socializer | High | 8.1 | 2024-11-06 06:43:32 | Deep Dive |
| CVE-2024-10020 | Heateor Social Login WordPress <= 1.1.35 - Authentication Bypass via Disqus OAuth provider | heateor | Heateor Social Login WordPress | High | 8.1 | 2024-11-06 06:43:31 | Deep Dive |