浏览 62+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-68011 | WordPress GLS Shipping for WooCommerce plugin <= 1.4.0 - Cross Site Scripting (XSS) vulnerability | GLS | GLS Shipping for WooCommerce | - | - | 2026-01-22 16:52:02 | Deep Dive |
| CVE-2026-0678 | Shipping Rates by City for WooCommerce <= 1.0.3 - Authenticated (Shop Manager+) SQL Injection via 'cities' Parameter | logiceverest | Shipping Rates by City for WooCommerce | Medium | 4.9 | 2026-01-14 05:28:08 | Deep Dive |
| CVE-2025-68528 | WordPress Free Shipping Bar: Amount Left for Free Shipping for WooCommerce plugin <= 2.4.9 - Cross Site Scripting (XSS) vulnerability | WPFactory | Free Shipping Bar: Amount Left for Free Shipping for WooCommerce | Medium | 6.5 | 2025-12-24 12:31:26 | Deep Dive |
| CVE-2025-62995 | WordPress MultiParcels Shipping For WooCommerce plugin <= 1.30.12 - Broken Access Control vulnerability | multiparcels | MultiParcels Shipping For WooCommerce | - | - | 2025-12-09 14:52:26 | Deep Dive |
| CVE-2025-66109 | WordPress Cart Weight for WooCommerce plugin <= 1.9.11 - Broken Access Control vulnerability | Octolize Shipping Plugins | Cart Weight for WooCommerce | Medium | 5.3 | 2025-11-21 12:30:05 | Deep Dive |
| CVE-2025-10191 | Big Post Shipping for WooCommerce <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | fusedsoftware | Big Post Shipping for WooCommerce | Medium | 6.4 | 2025-09-30 03:35:29 | Deep Dive |
| CVE-2025-58656 | WordPress Estonian Shipping Methods for WooCommerce Plugin <= 1.7.2 - Sensitive Data Exposure Vulnerability | Risto Niinemets | Estonian Shipping Methods for WooCommerce | Medium | 5.3 | 2025-09-22 18:23:06 | Deep Dive |
| CVE-2025-53213 | WordPress ReachShip WooCommerce Multi-Carrier & Conditional Shipping <= 4.3.1 - Arbitrary File Upload Vulnerability | ELEXtensions | ReachShip WooCommerce Multi-Carrier & Conditional Shipping | Critical | 9.9 | 2025-08-20 08:03:17 | Deep Dive |
| CVE-2025-48253 | WordPress Free Shipping Bar: Amount Left for Free Shipping for WooCommerce plugin <= 2.4.6 - Cross Site Scripting (XSS) Vulnerability | WPFactory | Free Shipping Bar: Amount Left for Free Shipping for WooCommerce | Medium | 6.5 | 2025-05-19 14:44:58 | Deep Dive |
| CVE-2025-24553 | WordPress Shipping with Venipak for WooCommerce plugin <= 1.22.3 - Reflected Cross Site Scripting (XSS) vulnerability | Akadrama | Shipping with Venipak for WooCommerce | High | 7.1 | 2025-04-17 15:48:22 | Deep Dive |
| CVE-2025-32535 | WordPress DN Shipping by Weight for WooCommerce Plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability | digireturn | DN Shipping by Weight for WooCommerce | High | 7.1 | 2025-04-17 15:47:36 | Deep Dive |
| CVE-2025-39564 | WordPress Conditional Shipping for WooCommerce plugin <= 3.4.0 - Cross Site Request Forgery (CSRF) Vulnerability | WP Trio | Conditional Shipping for WooCommerce | Medium | 6.5 | 2025-04-16 12:44:32 | Deep Dive |
| CVE-2025-31087 | WordPress Multiple Shipping And Billing Address For Woocommerce plugin <= 1.5 - PHP Object Injection Vulnerability | silverplugins217 | Multiple Shipping And Billing Address For Woocommerce | Critical | 9.8 | 2025-04-01 05:31:42 | Deep Dive |
| CVE-2025-27001 | WordPress Shipmondo – A complete shipping solution for WooCommerce plugin <= 5.0.3 - Authenticated Arbitrary WordPress Option Disclosure vulnerability | Shipmondo | Shipmondo – A complete shipping solution for WooCommerce | Medium | 6.5 | 2025-03-28 09:38:46 | Deep Dive |
| CVE-2025-26875 | WordPress Multiple Shipping And Billing Address For Woocommerce Plugin <= 1.3 - SQL Injection vulnerability | silverplugins217 | Multiple Shipping And Billing Address For Woocommerce | Critical | 9.3 | 2025-03-15 21:57:02 | Deep Dive |
| CVE-2025-23903 | WordPress Local Shipping Labels for WooCommerce Plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability | woofx | Local Shipping Labels for WooCommerce | High | 7.1 | 2025-03-03 13:30:21 | Deep Dive |
| CVE-2025-22639 | WordPress Distance Rate Shipping for WooCommerce plugin <= 1.3.4 - SQL Injection vulnerability | Techspawn | Distance Rate Shipping for WooCommerce | High | 8.5 | 2025-02-18 19:54:28 | Deep Dive |
| CVE-2025-22694 | WordPress Hide Shipping Method For WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerability | Dotstore | Hide Shipping Method For WooCommerce | Medium | 4.3 | 2025-02-03 14:23:53 | Deep Dive |
| CVE-2025-24644 | WordPress WooCommerce PDF Invoices plugin <= 4.7.1 - Stored Cross Site Scripting (XSS) vulnerability | WebToffee | WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels | Medium | 5.9 | 2025-01-24 17:24:43 | Deep Dive |
| CVE-2024-11815 | Pósturinn\'s Shipping with WooCommerce <= 1.3.1 - Reflected Cross-Site Scripting | posturinn | Pósturinn\'s Shipping with WooCommerce | Medium | 6.1 | 2025-01-09 11:11:01 | Deep Dive |