浏览 28+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-32495 | WordPress WP Terms Popup plugin <= 2.10.0 - Broken Access Control vulnerability | Link Software LLC | WP Terms Popup | 中危 | - | 2026-03-25 16:14:59 | Deep Dive |
| CVE-2026-24621 | WordPress Terms descriptions plugin <= 3.4.9 - Cross Site Scripting (XSS) vulnerability | Vladimir Statsenko | Terms descriptions | Medium | 5.9 | 2026-01-23 14:29:07 | Deep Dive |
| CVE-2026-24567 | WordPress Anything Order by Terms plugin <= 1.4.0 - Broken Access Control vulnerability | briarinc | Anything Order by Terms | Medium | 4.3 | 2026-01-23 14:28:56 | Deep Dive |
| CVE-2025-62139 | WordPress Terms descriptions plugin <= 3.4.10 - Sensitive Data Exposure vulnerability | Vladimir Statsenko | Terms descriptions | Medium | 5.3 | 2025-12-31 15:08:46 | Deep Dive |
| CVE-2025-49351 | WordPress Create Posts & Terms plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability | Valentin Agachi | Create Posts & Terms | - | - | 2025-12-09 14:52:18 | Deep Dive |
| CVE-2025-66097 | WordPress I Order Terms plugin <= 1.5.0 - Cross Site Request Forgery (CSRF) vulnerability | Igor Jerosimić | I Order Terms | Medium | 4.3 | 2025-11-21 12:30:00 | Deep Dive |
| CVE-2025-11816 | Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.5.1 - Missing Authorization to Unauthenticated API Disconnect | wplegalpages | Privacy Policy Generator – WPLP Legal Pages | Medium | 5.3 | 2025-11-01 01:47:40 | Deep Dive |
| CVE-2025-39534 | WordPress Terms Dictionary Plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability | Somonator | Terms Dictionary | - | - | 2025-10-22 14:32:06 | Deep Dive |
| CVE-2025-8565 | Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.4.3 - Missing Authorization to Authenticated (Contributor+) Arbitrary Plugin Installation | wplegalpages | Privacy Policy Generator – WPLP Legal Pages | High | 8.1 | 2025-09-18 09:31:29 | Deep Dive |
| CVE-2025-6719 | Terms descriptions <= 3.4.8 - Authenticated (Admin+) Stored Cross-Site Scripting | vladimirs | Terms descriptions | Medium | 4.4 | 2025-07-18 05:23:59 | Deep Dive |
| CVE-2025-47592 | WordPress Legal Terms and Conditions Popup for User Login and WooCommerce Checkout – TPUL plugin <= 2.0.8 - Cross Site Scripting (XSS) Vulnerability | Árpád Lehel Mátyus | Terms Popup On User Login | Medium | 5.9 | 2025-05-07 14:20:24 | Deep Dive |
| CVE-2025-31614 | WordPress Terms Before Download plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability | hiroprot | Terms Before Download | Medium | 6.5 | 2025-03-31 12:55:41 | Deep Dive |
| CVE-2025-31440 | WordPress Terms of Use plugin <= 2.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability | Strategy11 Team | Terms of Use | High | 7.1 | 2025-03-28 11:54:18 | Deep Dive |
| CVE-2025-30866 | WordPress Terms & Conditions Per Product plugin <= 1.2.15 - Broken Access Control Vulnerability | Giannis Kipouros | Terms & Conditions Per Product | Medium | 5.3 | 2025-03-27 10:55:35 | Deep Dive |
| CVE-2025-23752 | WordPress CGD Arrange Terms plugin <= 1.1.3 - Reflected Cross Site Scripting (XSS) vulnerability | Clifton Griffin | CGD Arrange Terms | High | 7.1 | 2025-01-27 14:22:14 | Deep Dive |
| CVE-2024-12636 | Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.2.7 - Cross-Site Request Forgery | wplegalpages | Privacy Policy Generator – WPLP Legal Pages | Medium | 4.3 | 2024-12-25 04:22:04 | Deep Dive |
| CVE-2024-51610 | WordPress Display Terms Shortcode plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability | seothemes | Display Terms Shortcode | Medium | 6.5 | 2024-11-09 14:11:52 | Deep Dive |
| CVE-2024-9374 | Terms descriptions <= 3.4.6 - Reflected Cross-Site Scripting | vladimirs | Terms descriptions | Medium | 6.1 | 2024-10-24 04:32:26 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-47336 | WordPress Terms Descriptions plugin <= 3.4.7 - Cross Site Scripting (XSS) vulnerability | Vladimir Statsenko | Terms descriptions | Medium | 5.9 | 2024-10-06 10:54:56 | Deep Dive |