浏览 26+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2924 | Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'imageLoad' | jegstudio | Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem | Medium | 6.4 | 2026-04-04 02:26:20 | Deep Dive |
| CVE-2025-10896 | Multiple Plugins <= Multiple Versions - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Upload | litonice13 | Image Comparison Addon for Elementor | High | 8.8 | 2025-11-04 04:27:13 | Deep Dive |
| CVE-2025-49929 | WordPress Ultimate Blocks plugin <= 3.3.6 - Cross Site Scripting (XSS) vulnerability | Ultimate Blocks | Ultimate Blocks | Medium | 6.5 | 2025-10-22 14:32:15 | Deep Dive |
| CVE-2025-8059 | B Blocks <= 2.0.6 - Missing Authorization to Unauthenticated Privilege Escalation via rgfr_registration Function | bplugins | bBlocks – Essential Gutenberg Blocks & Patterns Collection | Critical | 9.8 | 2025-08-12 04:25:40 | Deep Dive |
| CVE-2025-2918 | Ultimate Blocks – WordPress Blocks Plugin <= 3.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | ultimateblocks | Ultimate Blocks – 25+ Gutenberg Blocks for Block Editor | Medium | 6.4 | 2025-06-10 11:22:52 | Deep Dive |
| CVE-2025-48234 | WordPress Ultimate Blocks plugin <= 3.3.0 - Cross Site Scripting (XSS) Vulnerability | Ultimate Blocks | Ultimate Blocks | Medium | 6.5 | 2025-05-19 14:44:50 | Deep Dive |
| CVE-2025-47493 | WordPress Ultimate Blocks plugin <= 3.2.9 - Cross Site Scripting (XSS) Vulnerability | Ultimate Blocks | Ultimate Blocks | Medium | 6.5 | 2025-05-07 14:19:53 | Deep Dive |
| CVE-2025-31077 | WordPress Ultimate Blocks plugin <= 3.2.7 - Cross Site Scripting (XSS) vulnerability | Ultimate Blocks | Ultimate Blocks | Medium | 6.5 | 2025-03-28 09:39:57 | Deep Dive |
| CVE-2025-1312 | Ultimate Blocks – WordPress Blocks Plugin <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | ultimateblocks | Ultimate Blocks – 25+ Gutenberg Blocks for Block Editor | Medium | 6.4 | 2025-03-26 11:22:11 | Deep Dive |
| CVE-2025-1703 | Ultimate Blocks <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via content Parameter | ultimateblocks | Ultimate Blocks – 25+ Gutenberg Blocks for Block Editor | Medium | 6.4 | 2025-03-26 09:21:49 | Deep Dive |
| CVE-2024-11153 | Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More <= 2.5.0 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | danieliser | Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More | Medium | 5.3 | 2025-03-05 11:22:11 | Deep Dive |
| CVE-2024-54264 | WordPress Shortcodes Blocks Creator Ultimate plugin <= 2.2.0 - Reflected Cross Site Scripting (XSS) vulnerability | cmorillas1 | Shortcodes Blocks Creator Ultimate | High | 7.1 | 2024-12-13 14:24:43 | Deep Dive |
| CVE-2024-10678 | Ultimate Blocks < 3.2.4 - Contributor+ Stored XSS | Unknown | Ultimate Blocks | 中危 | - | 2024-12-13 06:00:02 | Deep Dive |
| CVE-2024-12167 | Shortcodes Blocks Creator Ultimate <= 2.2.0 - Reflected Cross-Site Scripting via _wpnonce | cmorillas1 | Shortcodes Blocks Creator Ultimate | Medium | 6.1 | 2024-12-07 01:45:52 | Deep Dive |
| CVE-2024-12166 | Shortcodes Blocks Creator Ultimate <= 2.2.0 - Reflected Cross-Site Scripting via 'page' | cmorillas1 | Shortcodes Blocks Creator Ultimate | Medium | 6.1 | 2024-12-07 01:45:50 | Deep Dive |
| CVE-2024-10340 | Shortcodes Blocks Creator Ultimate <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | cmorillas1 | Shortcodes Blocks Creator Ultimate | Medium | 6.4 | 2024-11-05 02:04:04 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-8536 | Ultimate Blocks < 3.2.2 - Contributor+ Stored XSS | Unknown | Ultimate Blocks | 中危 | - | 2024-09-30 06:00:07 | Deep Dive |
| CVE-2024-6362 | Ultimate Blocks < 3.2.0 - Contributor+ Stored XSS | Unknown | Ultimate Blocks | - | - | 2024-07-29 06:00:08 | Deep Dive |
| CVE-2024-37457 | WordPress Ultimate Blocks – WordPress Blocks Plugin plugin <= 3.1.9 - Cross Site Scripting (XSS) vulnerability | Ultimate Blocks | Ultimate Blocks – Gutenberg Blocks Plugin | Medium | 6.5 | 2024-07-21 22:11:50 | Deep Dive |